Google announces Password Checkup tool that alerts you of hacked login credentials

Those who are well-versed with the Internet do know that using different passwords for different accounts is one of the best ways to be safe on the Internet, but, some just decide to make use of the same password across different accounts. As a result, if any of their accounts get hacked, their other accounts are also at the risk of getting hacked. Now there are some good services available that let you check whether your login credentials were hacked and easily accessible to others or not, but, to celebrate ‘Safer Internet Day’, Google has announced a tool called Password Checkup that does something similar.


Google’s Password Checkup tool is actually a Chrome browser extension that alerts users of hacked login credentials. For example, if you have the Password Checkup tool installed, and you sign into a website, this tool will tell you whether your username/email and password is publicly available or not. Google does this by matching your login credentials with a database of 4 Billion credentials that may have been compromised.

If your login credentials are compromised, you will be suggested to change your password immediately. And, if you have used those same credentials elsewhere, you will have to change them there as well.

Google says that it doesn’t collect any of your account details. “Password Checkup was built with privacy in mind. It never reports any identifying information about your accounts, passwords, or device. We do report anonymous information about the number of lookups that surface an unsafe credential, whether an alert leads to a password change, and the domain involved for improving site coverage,says Google.

You can click here to install the Password Checkup tool on your Chrome browser.

In addition to Password Checkup tool, Google has also announced Cross Account Protection. This makes sure that apps and websites where you sign in with your Google account remain unaffected in the event of your Google account being compromised.

When apps and sites have implemented it, we’re able to send information about security events—like an account hijacking, for instance—to them so they can protect you, too,” said Google in a blog post.

Google said that it worked closely with major technology companies as well as the standards community at Internet Engineering Task Force (IETF) and OpenID Foundation to create Cross Account Protection.