What Do These Tools Do?
Each of these new Google features ensure a greater level of protection, but how?
Users already have sufficient methods with which they can check whether or not their accounts have been hacked – like Have I Been Pwned – but we had to wait until 2019 to see Google introduce its own security breach solution, the appropriately named Password Checkup Google extension. The brilliant thing about this add-on is that it’s as simple as it can get: once Password Checkup is installed, it starts monitoring the internet for any sign that may indicate that one of your login credentials has been compromised. Should that happen, the plugin will send an alert asking users to change the leaked password immediately.
This is already a huge asset for those who don’t rely on a password manager or have password managers with no security breach alert feature, but what’s most impressive is that Google was actually smart enough to learn from its mistakes by teaming its cryptography research team with that of Stanford University to code the add-on in such a way that it never collects any kind of data to share with the tech giant.
Cross Account Protection
Google’s other improvement in the data security sector is Cross Account Protection – or CAP for short – which is a protocol that is mostly directed at the web developers of third-party sites that allow users to log into their accounts with their Google credentials. However, the function isn’t rocket science: by using CAP, these companies will be notified in time to allow for the necessary countermeasures against a possible hack when Google is hit by a major security event. And just as is the case of the Password Checkup add-on, Google made sure that users’ privacy is respected at all times; as such, only those companies that you have used Google Sign In with are notified, and they will only receive information about the nature security event.
Using Google’s Security Features With a Password Manager
Google notifying users of security breaches involving their login credentials deserves nothing but praise, especially from a company that has previously been known for its lax approach to data security. But even with Google’s benevolent intentions, a simple alert isn’t enough to minimize the damage caused by wrongdoers. That’s why it’s best to combine Password Checkup and CAP with a third-party password management app.
Although password managers have various security features that ensure passwords stored in their vault are unbreakable, most of these programs ‘only’ evaluate the strength of passwords and require their users’ intervention should they need to be changed. With Google’s security tools on board, however, even those password managers that cannot warn users about security breaches can effectively be upgraded to match the likes of bespoke password managers like Dashlane and 1Password that include this feature by default.
This way changing the compromised password can be sped up even further, which is quite impressive considering that updating logins is already a quick process with password managers, especially if the new credential is generated by the software’s built-in password generator. You don’t have to give up on the convenience of storing passwords in an encrypted vault either, since logins that had to be changed don’t need to be memorized thanks to the advanced password recalling features that all password management solutions come with.
Best Password Managers of 2019
|Editor's Choice 2019|