Friday, January 15, 20:01
Home security Google: Will it end up reusing passwords?

Google: Will it end up reusing passwords?

Mark Risher, Google's senior executive for the company safety accounts, identity and abuse, he told The Verge that passwords is one of the worst things on the Internet, claiming that although it is necessary for the safety and connection of individuals in many applications and site, is probably the main factor that leads to the violation of user systems. Strange as it may seem, a Google security officer says this because of the connection to gmail, need a password. However, the company has been trying to keep users away from this model for years, or at least minimize it. One of the most "silent" tools of Google in this endeavor, the Password Checkup plugin, will become better known as it is linked to the Security Checkup table that is embedded in every Google account. Although users can use a tool, such as a password manager, to monitor their login credentials, many end up reusing the same passwords on multiple accounts.


Indicatively, 52% of users choose to reuse the same passwords on multiple accounts, while 13% use the same passwords on all their accounts, according to the results of a survey published in February 2019 by Google and company Harris. The Microsoft said in 2019 that 44 million Microsoft accounts used leaked Internet connections. While reusing passwords on more than one account can be a way for users to remember a complex word, phrase or combination of letters, numbers and symbols that they think no one will ever be able to guess, in practice this can put you in risk their personal data and data. If this reusable password is leaked after a data breach, hackers could gain access to many of a user's other online accounts, no matter how complex the password set. According to Kurt Thomas, a member of Google's security and abuse research team, data have leaked, they are 10 times more likely to experiment, compared to a person who has not been exposed to a breach.

Google reuse passwords

Google is trying to help users adopt better habits in terms of passwords. For years, the company has been offering a built-in password manager on Google accounts. Chrome and Android which can store users' passwords and automatically fill them in on sites and applications. However, since last year, Google has been trying to help users prevent more powerful passwords by checking passwords. It is a tool that controls connections to a database of 4 billion credentials that have leaked, seeing if the password entered by a user corresponds to the one that has already been leaked.


Understanding how to let go Password Checkup Breaking credentials in a way that respects confidentiality was a difficult technical problem that required a joint effort by Google and Stanford University. The challenge was to find a way to automatically check a user's credentials in a breached database without revealing this information to Google or giving the user access to the entire database, while at the same time escalating this solution to the huge user base. of Google. To do this, Google saves an encrypted version of any known username and password that is exposed to data breach. Each time a user connects to an account, Google will send an encrypted version of their login information to that database. That way, Google can't see its password and it can't see the list of known Google infringements. If Google detects a match, it will display a notification recommending the user to change their password for this site. Google receives compromised links from many different sources and trusted partners, including underground forums where passwords are publicly disclosed.

Google

The company has a moral policy that it would never pay cybercriminals for stolen data. But due to the way these markets work, very often stolen data will leak. Using Google's personas in these markets, the company can get the data. It took about two to three years from the release of Password Control to appear on many Google products, according to Thomas. Google wants to notify users when it detects that a stored connection has been compromised. Over the course of the year, Google plans to allow users to use Chrome password control, even if they are not connected to a Google account.
Google is not the only company offering password control. The 1Password payment code administrator suggests changing weak or duplicate passwords and offers Watchtower, which controls users' login credentials based on Troy Hunt's Have I Been Pwned database with more than 9 billion match-fixes and infringed accounts. . Still, the Apple announced that its next version Safari will include a password tracking tool that is expected to work similar to Password Control. However, Google has the advantage of helping users with passwords thanks to its large scale. Tools such as Password Checker and built-in password management achieve a broader goal to make security easier for Internet users.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Pohackontas
Pohackontashttps://www.secnews.gr
Every accomplishment starts with the decision to try.

LIVE NEWS

Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...
00:02:36

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...