Google releases Password Checkup Chrome extension to detect vulnerable username and passwords

Google Password Checkup

Google has introduced a new Password Checkup Chrome extension to help keep your password safe. Whenever you sign in to a site, Password Checkup will trigger a warning if the username and password you use are one of over 4 billion credentials that Google knows to be unsafe. You can download it from Google Chrome webstore.
Password Checkup was designed jointly with cryptography experts at Stanford University and is ensuring that it never learns your username or password and that any breach data stays safe from wider exposure. However, the Password Checkup is an early experiment at the moment. Since alerts prompt users to be extra careful, Google is focusing only on warning you about unsafe usernames and passwords.

Password Checkup

Google says that it designed Password Checkup to prevent an attacker from abusing Password Checkup to reveal unsafe usernames and passwords. All statistics reported by the extension are anonymous. These metrics include the number of lookups that surface an unsafe credential, whether an alert leads to a password change and the web domain involved for improving site compatibility.

The Password Checkup is designed in a way to only alert you when all of the information necessary to access your account has fallen into the hands of an attacker. It only generates an alert when both your current username and password appear in a breach, as that poses the greatest risk. Password Checkup is currently available as an extension for Chrome. Since this is the first version, Google says that it will continue refining it over the coming months, including improving site compatibility and username and password field detection.