With all the recent news about large scale data breeches, it is a good time to review your approach to managing credentials for all of your accounts. We do this on a recurring basis at Outcome Labs and strongly recommend this to all of our clients across the book publishing industry.
Google has recently released the Password Checkup chrome extension. Whenever you sign in to a site, Password Checkup will trigger a warning if the username and password you use is one of over 4 billion credentials that Google knows to be unsafe.
Google designed this new tool to be private and actionable. Here is how they describe these design principals.
- Alerts are actionable, not informational: We believe that an alert should provide concise and accurate security advice.
- Privacy is at the heart of our design: Your usernames and passwords are incredibly sensitive. We designed Password Checkup with privacy-preserving technologies to never reveal this personal information to Google.
- Advice that avoids fatigue: We designed Password Checkup to only alert you when all of the information necessary to access your account has fallen into the hands of an attacker.
You can read all of the details about the announcement here. We always recommend that clients use a commercial password manager like 1Password, but tools like this new extension should be in your toolkit.