Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Announces "Password Alert" To Protect Against Phishing Attacks

Posted by samzenpus on from the protect-ya-neck dept.

HughPickens.com writes: Google has announced Password Alert, a free, open-source Chrome extension that protects your Google Accounts from phishing attacks. Once you've installed it, Password Alert will show a warning if you type your Google password into a site that isn't a Google sign-in page. This protects you from phishing attacks and also encourages you to use different passwords for different sites, a security best practice. Once you've installed and initialized Password Alert, Chrome will remember a "scrambled" version of your Google Account password. It only remembers this information for security purposes and doesn't share it with anyone. If you type your password into a site that isn't a Google sign-in page, an alert will tell you that you're at risk of being phished so you can update your password and protect yourself.

2 of 76 comments (clear)

  1. Re:Wait.. by Anonymous Coward · · Score: 5, Informative

    Because telling you as you're typing your password into a phishing page is already too late. Javascript key logging anyone?

  2. "scrambled" version by NotInHere · · Score: 5, Informative

    Can you please stop with this plebs speak? This is a site for nerds, not for non-technical people. Say "hash" when you mean "hash". I mean is researching actual technical info so hard? For everyone not wanting to click links: its comparing the first 37 bits of the hash, using the SHA-1 hash mechanism. And yes its salted.