20:43 GMT30 October 2020
Listen Live
    Society
    Get short URL
    205
    Subscribe

    In a study released Thursday, Google found that 1.5% of sign-ins by 650,000 people scanned by its Password Checkup Chrome extension were unsafe, meaning that those usernames and passwords had been hacked through third-party breaches.

    "Hijackers routinely attempt to sign in to sites across the web with every credential exposed by a third-party breach," Jennifer Pullman, a software engineer for Google, is quoted as saying by multiple sources. "If you use strong, unique passwords for all your accounts, this risk disappears."

    In February, Google released its Password Checkup extension to keep online accounts safe from hacking. Google is aware of more than 4 billion username and password combinations that are unsafe due to third-party data breaches.

    “Wherever you sign-in, if you enter a username and password that is no longer safe due to appearing in a data breach known to Google, you’ll receive an alert. Please reset your password. If you use the same username and password for any other accounts, please reset your password there as well,” Google says in a description of the extension on the Chrome Web Store.

    “In the first month alone, we scanned 21 million usernames and passwords and flagged over 316,000 as unsafe - 1.5% of sign-ins scanned by the extension,” Google concluded in a blog post Thursday. Google’s research also found that 81,368 accounts, roughly 26% of users, ended up ignoring recommendations to reset passwords flagged by the extension as unsafe. 

    In addition, entertainment sites had the highest percentage of breached passwords at 6.3%, while pornography sites followed closely behind at 3.6%. Financial and government websites were much less likely to have breached passwords, at 0.3% and 0.2%, respectively.

    “Even better, 60% of new passwords are secure against guessing attacks — meaning it would take an attacker over a hundred million guesses before identifying the new password,” Google added. “Our study illustrates how secure, democratized access to password breach alerting can help mitigate one dimension of account hijacking.”

    Related:

    Same Scheme May Have Been Used for Suspending Jordan Peterson, Tulsi Gabbard – Google Whistleblower
    Porn Star-Turned-Actress Sunny Leone is ‘Most Googled’ Celebrity in India
    Google Users Worldwide Report Issues With Search Engine's Services
    Whistleblower Claims Google Created List of Sites to Exclude From Android Feeds
    Great Piece of Kit! Huawei to Launch Google Maps Rival by October
    Tags:
    Privacy, breach, Google, password
    Community standardsDiscussion