Google has sought to create with its new Password Checkup Chrome extension, which, when you use a password online, will scan through the hacked databases and alert you if your password is listed.
Of course, that means that Google has to also store your password, another potential vulnerability in itself, right?
Not so – according to Google, there’s a complex system in place here which will ensure that your password data is ‘impenetrable’.
“At a high level, Password Checkup needs to query Google about the breach status of a username and password without revealing the information queried. At the same time, we need to ensure that no information about other unsafe usernames or passwords leaks in the process, and that brute force guessing is not an option.
Password Checkup addresses all of these requirements by using multiple rounds of hashing, k-anonymity, private information retrieval, and a technique called blinding.“