New browser extension checks leaks

Firefox and Google Chrome extension checks for hacked accounts

 

Firefox released a browser extension in November 2018 which connects to the HaveIBeenPwned.com site to check if the site you are on has been involved in a breach of username and passwords. If you have never seen an alert of this sort then it will notify you of any site that has been breached in the previous twelve months and then it will only alert you to sites that have been breached in the last two months. This is to not over burden you, the user, with too many alerts and to not be unfair to sites that take and have made provisions to protect user data since a breach.

Google has now released its own extension for Chrome that actually goes a bit further. Using their own copy of the database of breached username (email addresses) and passwords, they will check every time you enter a username and password to see if the combination has been seen in a breach at all and inform the user if it is found.

Both companies are trying to inform users and not overburden them with warnings. The biggest issue is that people re-use passwords over and over again on different sites. Hackers are now taking these lists of usernames and passwords and trying them on other sites to try to gain access to user accounts. You can of course go to the Have I Been Pwned site yourself and check to see if your username or password exists there but we would recommend that everyone get a secure password manager, such as ConnectID, our own password manager which comes free with all our Cloud accounts. It will keep your usernames and passwords stored away and even log you straight in to the site when you arrive so you don’t have to remember your usernames and passwords, which means that you can use more complex passwords and keep your data and account safer.

Stay Safe

CritchCorp Computers Ltd