Google has just created a Chrome plugin called Password Alert that warns you if you input any of your Google login details into a non-Google service. It’s basically a very clever way to help us clumsy fools avoid phishing scams.
Any time there’s a major personal details breach online we fly off the handle and blame these corporations for not looking after the little guy.
When, in truth, it’s far more common for us users to be the ones leaking out the information. That could be anything from truly rubbish passwords like ‘password’ or ‘password1’, through to elaborate – or not – phishing scams that trick us into thinking we’re on a legitimate page when we’re not.
So Google, ever the fighter for our personal liberties (cough), has given us a leg up. Password Alert is quite clever indeed.
If you enter your Gmail or Google for Work password into anywhere other than accounts.google.com, you’ll receive an alert, so you can change your password if needed, essentially allowing you to get ahead of your now compromised account.
Password Alert also tries to detect fake Google sign-in pages to alert you before you’ve typed in your password. To do so, Password Alert checks the HTML of each page you visit to see if it’s impersonating a Google sign-in page.
It only works on Chrome, but then again so do many people out there.
Crap password image, via Shutterstock