Google Adds New Safety Feature ~ 'password Checkup'
Posted on the 07 February 2019 by Sampathkumar Sampath
Every morning, upon
getting up, before coffee, many search their mobiles, check their WA messages,
FB posts, friend requests, Instagram photos, and check some emails too .. ..
then upon reaching Office, you have a system log-in, official email login, no.
of applications each requiring separate log-in- - - added is the password protected phones - life excruciatingly is demanding (passwords /
access cards and more!)– how often
you change passwords, how simple or how
cryptic are they ?
Gone are the days, when people had passwords of their
spouse or children (or their ex - !!) – it is no longer pets or persons but
combination – some ambiguous,
unintelligible or without meaning. For
example, "gf#agsU17vr” represents a cryptic password. It is the way I travel
- ‘pass Gemini flyover – take U turn at
AGS – reach vijayaraghava road, Chennai 17’.Usually comprised of upper- and lowercase letters, numbers, and symbols,
cryptic passwords decrease the chance of someone accessing your accounts. (but
would you like to write them down or atleast the clue leading to the password,
which at times can you’re your life miserable, trying to decipher – once I had
R_____ then broke my mind trying to remember whether it was Regal or Rishab !!]
Password protection seems to be at the top of everyone’s minds nowadays thanks
to hackers ruthlessly targeting personal accounts through security flaws in
major corporations’ systems.
Dan Brown’s ‘Digital
Fortress’ published in 1988 was a real techno-thriller…… one of the main
characters was - Ensei Tankado —a disgruntled former NSA employee. The
story was about the theme of government surveillance of electronically stored
information on the private lives of citizens, and the possible civil liberties
and ethical implications using such technology. When the United States
National Security Agency's code-breaking supercomputer (TRANSLTR) encounters a
new and complex code—Digital Fortress—that it cannot break, Susan Fletcher, the
head cryptographer discovers that it was written by Ensei Tankado, an
employee displeased with the NSA's intrusion into people's private lives. Tankado intends to auction the code's
algorithm on his website and have his partner, "NDAKOTA", release it
for free if he dies. Tankado dies in Seville, of what appears to be a
heart attack, and the Agency deputes personnel to recover a ring
that Tankado was wearing when he died. The ring is suspected to have the code
that unlocks Digital Fortress. The ring had passed hands just before his death
and each person in the frame gets murdered by a mysterious assassin.
The mystery deepens in
trying to find out who ‘North Dakota’ could be…. eventually it turns out
that North Dakota and Ensei Tankado are actually the same person, as
"Ndakota" is an anagram of "Tankado".
If
you are a google user and life depends on gmail and other google products,
there is news for you .. .. .. Google has launched a new tool that tells users
when their login information has been exposed to hackers.Users
of Google Chrome can download the extension, called Password Checkup, which
monitors their various website logins.
The
site notifies you when you log in with a username and password that has been
compromised and triggers a warning to update your password. The company can
cross-checks the logins against a database of more than four billion username
and password entries.Google CEO Sundar
Pichai tweeted: 'Today, we're introducing two new updates that will help keep
your data secure: Password Checkup, a Chrome extension that helps protect your
accounts from third party data breaches, and a new feature called Cross Account
Protection.'The second tool Cross
Account Protection extends the Google ecosystem's account hijacking and breach
notices to apps that utilise Google Sign In. After that, Google claims that every time you
sign into a site, Google will check your login credentials to see if they are
still safe to use. The database is regularly updated and gets the information
from sources such as password dumps, when a web site's security has been
exposed and the contents of the web site are dumped on the web.
These
contents are from hackers responsible for data breaches on sites like Yahoo or
LinkedIn who sometimes post large databases of people's usernames and passwords
online. Google
says that its new browser extension has been built so that 'no one, including
Google, can learn your account details'. They say users' passwords and usernames will
be 'strongly hashed and encrypted' so the company will not be able to see them
itself.
According
to internet security provider Norton, 'the shorter and less complex your
password is, the quicker it can be for the program to come up with the correct
combination of characters. The longer and more complex your password is, the
less likely the attacker will use the brute force method, because of the lengthy
amount of time it will take for the program to figure it out.'Instead, they'll use a method called a
dictionary attack, where the program will cycle through a predefined list of
common words that are used in passwords.'
So try
using a combination of numbers, symbols, uppercase and lowercase letters;
ensure that password is not too short; use abbreviated phrases, change them
regularly and log out of websites and devices once you are finished with the
activity.Also do not choose commonly
used PW like 4444, 67890, qwert, lkjhg.. .. and do not allow the computer to
save the passwords, especially when others can have access to your computer.
According
to Google, Password Checkup works when you’re signed in to the Chrome browser
on a computer.One can download PW
checkup from Chrome store, download, install it as an extention to browser,
sign into Google account, check with the PWcheckup on whether your password is safe.To secure a Google Account that has
suspicious activity or that you believe has been hacked, follow these steps.
1. Sign in to the account with the unsafe
password.
2. Create a new, strong password for the
account and any other accounts that use the same password.
3. If the site offers another security
measure, like Two-Step Verification, consider setting it up.
If
Password Checkup finds that a password and username you enter is unsafe, it
stores a hashed, partial code for that info in your Chrome browser. This
partial code can’t be used to recreate a complete version of your info.You can delete this code on Chrome browser
too.
Interesting
!
With
regards – S. Sampathkumar
7th
Feb 2019.