Skip to footer

Google’s new Password Alert tool works to prevent phishing attacks

|
Arnd Wiegmann/Reuters
Google's Password Alert tool helps keep you safe from phishing attacks by letting you know if you've entered your password into a non-Google site. Here, the Google logo is seen at the company's engineering center in Zurich, Switzerland.

Security experts have established all sorts of best practices for keeping online passwords secure: pick a string of characters that’s not easy to guess, don’t use passwords based on dictionary words, don’t write your passwords down, don’t reuse passwords across different sites – the list goes on. But most people simply don’t have the mental bandwidth to remember dozens of different passwords for the different sites they use, and as password management tools such as LastPass and 1Password haven’t caught on widely, many of us reuse the same password on many different web sites.

But by recycling passwords, we’re making ourselves easier prey for “phishing” attacks. A phishing attack occurs when a bogus email or Web site tricks us into giving up our username and password by posing as a service we use everyday. If you’ve ever gotten an email purporting to be from eBay or PayPal, asking that you log in to address a vaguely defined problem with your account, it was probably a phishing attack.

On Wednesday Google released Password Alert, an extension for the Chrome Web browser that will help defend against phishing attacks by saving careless Internet users from themselves. Password Alert will let you know if you type your Google account password into a non-Google site, and will prompt you to change your password immediately if that happens.

If you’re a Gmail user, your Google password is particularly important, because a hacker can gain access to most of your other accounts if he or she gains access to your email. In most cases, it’s as simple as clicking the “Forgot your password?” link on a login page. The site will send a reset password to your email account, which the hacker can then intercept. Password Alert will give you a heads-up that you’ve typed your password into an unsafe site, giving you time to change it before the bad guys do.

Password Alert also automatically checks the code of sites you’re visiting so it can determine whether a particular page is masquerading as a Google login page. If it notices one, it’ll warn you so you don’t get tricked into sharing your credentials.

Password Alert stores your Google password through what’s called a hash: a combination of your password and an additional string of characters that allows the sensitive data to be stored securely. That allows it to check the passwords you enter on different web sites against the hashed password in its database, and to alert you if it notices that you’ve entered your Google password on a non-Google site.

You've read 3 of 3 free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.
Subscribe
QR Code to Google’s new Password Alert tool works to prevent phishing attacks
Read this article in
https://www.csmonitor.com/Technology/2015/0429/Google-s-new-Password-Alert-tool-works-to-prevent-phishing-attacks
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe
CSM logo

Why is Christian Science in our name?

Our name is about honesty. The Monitor is owned by The Christian Science Church, and we’ve always been transparent about that.

The Church publishes the Monitor because it sees good journalism as vital to progress in the world. Since 1908, we’ve aimed “to injure no man, but to bless all mankind,” as our founder, Mary Baker Eddy, put it.

Here, you’ll find award-winning journalism not driven by commercial influences – a news organization that takes seriously its mission to uplift the world by seeking solutions and finding reasons for credible hope.

Explore values journalism About us