Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google's new Password Alert extension a start for safety but falls short


  • Please log in to reply
No replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:38 AM

Posted 29 April 2015 - 04:06 PM

Today Google released a new Chrome extension called Password Alert that notifies you when you enter your Google password into a non-google site. When you first install Password Alert, the extension will ask you to login into Google where it will then create a scrambled version of your password. Then whenever you login to another site, it scrambles the password you enter and compares it to the scrambled Google password. If it is a match, Password Alert warns you that you entered your password on a non-Google site and that you should change it.
 

reset-password-alert.jpg


The problem with this extension is that it is working under the assumption that people use a unique password at Google or that Google can convince users to do so. Unfortunately, the people who would be the most protected by this app are the ones who use the same password on every site they visit. Regardless of the fact that people shouldn't do this, people will continue to do so, and this extension will constantly trigger warnings for them. I think it's a good attempt at trying to convince users to use unique passwords, but unfortunately for those who use the same password, the alerts will become a nuisance and they will just remove the extension.

What single-password users need is good education on how to generate unique passwords and not a constant stream of ignored alerts as they sign into web sites. Using a password creator and password database to maintain unique passwords is a great way to start. Even better would be to come up with an easy to remember password generation scheme that allows you to create unique passwords that are easy to remember. Unfortunately, I do not see any of this education in the Password Alert alerts, or the Learn More link that is given.

Password Alert is a start, but needs a lot more to become truly useful.


BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users