This article was published on May 23, 2018

PassProtect warns Chrome users when their username or passwords get pwned


PassProtect warns Chrome users when their username or passwords get pwned

Data breaches happen all the time. When they do, it’s invariably bad, with countless people ensnared. The MySpace breach, for example, impacted nearly 360 million. LinkedIn impacted 165 million more. One tool helping to mitigate the aftermath is Okta’s new Chrome plugin, PassProtect.

As you type your username and password in real-time, it checks it against Troy Hunt‘s Have I Been Pwned (HIBP) and sees if it’s been found in a recent breach.

If you’re using a risky password, it’ll let you know, so you can instead choose something more secure. Here’s how it looks:

The tool itself uses k-anonymity techniques to ensure that your password isn’t transmitted across the Internet while the plugin checks it against the HIBP API.

You can download PassProtect for Chrome from today. Developers will be glad to know that Okta has released a version as a JavaScript library, should you wish to integrate it into your website.

Get the TNW newsletter

Get the most important tech news in your inbox each week.