PassProtect extension for Chrome
It comes in the form of Chrome extension where you can key in a password to check against the database available with the popular website Have I Been Pwned. While it doesn’t store your password but does hash against the database to give you a yes or no. It uses the Pwned Passwords API service to see whether or not the password you are using in any web login has been found in a breach in the past. It uses ‘k-anonymity’, which ensures that your passwords are never seen, stored, or sent over the network during this checking process k-anonymity makes sure that the Pwned Passwords API service never gains enough information about a non-breached password. It is currently in use at hospitals which can release patient information for medical research while withholding information that discloses personal information.
How does PassProtect work
Once the extension is on board the browser, anytime you enter a password on a login page or sign-up page, you will receive a warning as soon as you stop typing. It’ll also notify you if your credentials are available in public domain. Below is one such warning: Inmy opinion, this is a great way to know if your passwords are safe or not. The password check happens on the go. You will not have to put time checking every one of them. You can download it from the Chrome Store. This means attackers can easily find this password online and will often try to access accounts with it. If you are currently using this password, please change it immediately to protect yourself. This notice will not show again for the duration of this session to give you time to update this password.