Google’s new password checkup tool is a must-have

    Date: 19 February 2019 Author: Brendon Petersen

    Data breaches and account hijacking have become more prevalent than ever before, which makes staying safe online a matter of paramount importance.

    Google has released a new password checkup tool to help you stay safe online, and not just on Google’s own sites and services. The new Password Checkup Chrome extension warns you whenever you log into a site with a username and password that appear among the more than 4 billion credentials Google knows to have been exposed in a breach.

    Google says that Password Checkup was designed jointly with cryptography experts at Stanford University so that Google itself never learns your username or password, and so that the breach data it holds stays safe from wider exposure. Password Checkup is still an early experiment, which is why Google is publishing the technical details of its privacy-preserving protocol and being transparent about how it keeps your data secure.


    Key design principles

    • Alerts are actionable, not informational: Google’s position is that an alert should carry concise and accurate security advice. For an unsafe account, that advice is to reset your password. Data breaches can also expose other personal data, such as a phone number or mailing address, but there is no straightforward next step for re-securing that, so the tool warns only about unsafe usernames and passwords.
    • Privacy is at the heart of the design: usernames and passwords are incredibly sensitive, so Password Checkup uses privacy-preserving techniques that never reveal them to Google. The design also prevents an attacker from abusing the service to extract unsafe usernames and passwords from the breach data. Finally, all statistics reported by the extension are anonymous: the number of lookups that surface an unsafe credential, whether an alert led to a password change, and the web domain involved (used to improve site compatibility).
    • Advice that avoids fatigue: Password Checkup alerts you only when everything an attacker needs to access your account has been exposed. It does not warn about outdated passwords you have already reset, or about merely weak passwords such as “123456”. An alert is generated only when your current username and password both appear together in a breach, because that combination poses the greatest risk.

    Settling on an approach

    Google says: “At a high level, Password Checkup needs to query Google about the breach status of a username and password without revealing the information queried. At the same time, we need to ensure that no information about other unsafe usernames or passwords leaks in the process, and that brute force guessing is not an option. Password Checkup addresses all of these requirements by using multiple rounds of hashing, k-anonymity, and private set intersection with blinding.
    Our approach strikes a balance between privacy, computation overhead, and network latency. While single-party private information retrieval (PIR) and 1-out-of-N oblivious transfer solve some of our requirements, the communication overhead involved for a database of over 4 billion records is presently intractable. Alternatively, k-party PIR and hardware enclaves present efficient alternatives, but they require user trust in schemes that are not widely deployed yet in practice. For k-party PIR, there is a risk of collusion; for enclaves, there is a risk of hardware vulnerabilities and side-channels.”
    A look under the hood

    Here’s how Password Checkup works in practice to satisfy Google’s security and privacy requirements.
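    The following is an added illustration, not Google’s code and not the Password Checkup protocol itself: a toy Python model of the three ingredients named in the quote above (multiple rounds of hashing, a k-anonymity bucket, and private set intersection with blinding). Everything specific in it is an assumption: PBKDF2-SHA256 stands in for a memory-hard password hash, the bucket is the first two bytes of that hash, blinding is scalar multiplication on secp256k1 (chosen only because its parameters are well known; no generator point is needed), and the breach list is a constructed sample. What it shows is the shape of the exchange: the server receives only a two-byte prefix and a blinded curve point, so it cannot recover the queried credential, and the client can test membership of its own credential but learns nothing about the other entries in the bucket, because each one comes back multiplied by the server’s secret key.

```python
"""
Toy model of a blinded breach lookup built from the three ingredients the
quoted passage names: multiple rounds of hashing, a k-anonymity bucket, and
private set intersection with blinding.

Added example, not Google's code. Assumptions (not stated on the page):
PBKDF2-SHA256 stands in for a memory-hard password hash, the bucket is the
first 2 bytes of that hash, blinding is scalar multiplication on secp256k1,
and the breach list is a constructed sample.
"""
import hashlib
import secrets

# secp256k1: prime field P, prime group order N, cofactor 1.  Only the curve
# equation y^2 = x^3 + 7 and N are needed; no generator point is involved.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
INF = None        # point at infinity
PREFIX_BYTES = 2  # k-anonymity: 65536 buckets, so one prefix covers many credentials


def ec_add(p1, p2):
    """Affine point addition (doubling when p1 == p2)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return INF                                   # p1 == -p2
        lam = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P    # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P     # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    acc = INF
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def credential_hash(username, password):
    """Round 1: slow hash of the (username, password) pair, salted by username."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), username.encode(), 20_000)


def hash_to_point(digest):
    """Round 2: map the digest onto the curve by try-and-increment.
    P % 4 == 3, so rhs^((P+1)/4) is a square root of rhs whenever one exists."""
    counter = 0
    while True:
        x = int.from_bytes(hashlib.sha256(digest + counter.to_bytes(4, "big")).digest(), "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)
        if y * y % P == rhs:
            return (x, y)
        counter += 1


class BreachServer:
    """Holds every breached credential as b * H(u, p) for a secret scalar b,
    grouped by hash prefix.  It never stores or sees a raw credential hash."""

    def __init__(self, breached_pairs):
        self.b = secrets.randbelow(N - 1) + 1
        self.buckets = {}
        self.seen = []  # what the server observes per query, kept for inspection
        for u, p in breached_pairs:
            d = credential_hash(u, p)
            self.buckets.setdefault(d[:PREFIX_BYTES], []).append(ec_mul(self.b, hash_to_point(d)))

    def lookup(self, prefix, blinded):
        """Query: a prefix plus the client's blinded point a*H.  Reply: b*(a*H)
        and the whole bucket for that prefix, each entry already multiplied by b."""
        self.seen.append((prefix, blinded))
        return ec_mul(self.b, blinded), list(self.buckets.get(prefix, []))


def check_credential(server, username, password):
    """Client side.  True only if this exact username+password pair is in the
    breach set; the server learns neither value."""
    d = credential_hash(username, password)
    a = secrets.randbelow(N - 1) + 1                    # fresh blinding scalar per query
    doubly_blinded, bucket = server.lookup(d[:PREFIX_BYTES], ec_mul(a, hash_to_point(d)))
    a_inv = pow(a, N - 2, N)                            # a^-1 mod N (N is prime)
    unblinded = ec_mul(a_inv, doubly_blinded)           # a^-1 * b * a * H == b * H
    return unblinded in bucket


# Constructed sample breach data, not real leaked credentials.
SAMPLE_BREACH = [("alice@example.com", "hunter2"), ("bob@example.com", "letmein")]

if __name__ == "__main__":
    srv = BreachServer(SAMPLE_BREACH)
    print(check_credential(srv, "alice@example.com", "hunter2"))  # True: exact pair leaked
    print(check_credential(srv, "alice@example.com", "hunter3"))  # False: password already changed
    print(check_credential(srv, "carol@example.com", "hunter2"))  # False: same password, other user
```

    Running the block reports True for the leaked pair and False both for a changed password and for the same weak password under a different username, which is the “both username and password” rule from the design principles above. Two caveats a reviewer would raise before reusing any of it: the scalar multiplication is not constant-time, and the try-and-increment loop in hash_to_point leaks its iteration count through timing, so neither belongs outside a demo.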

    Protecting your accounts

    Password Checkup is currently available as an extension for Chrome. Since this is a first version, it will be refined over the coming months, including improving site compatibility and username and password field detection.
