New Chrome extension aims to protect Google passwords, foil phishers

Google today released a new extension for its Chrome browser that aims to improve Google account security for consumers and enterprise customers. The Password Alert extension discourages people from reusing their Google passwords on other sites and notifies them of potential phishing attacks. In other words, Google wants to help you help yourself.

[Related News: Google Drive for Work gets new IT-friendly features]

The majority of security intrusions and hacks occur when outside groups or individuals wrongfully access passwords, according to Eran Feigenbaum, director of security at Google Apps for Work. 

How Password Alert for Chrome enhances online security

The free, open source Password Alert Chrome extension can be installed by individuals or deployed by admins, who can then choose to receive alerts whenever it detects potential problems. Password Alert has been used internally at Google for years, and it automatically warns users if they type their Google passwords into non-Google sites, then encourages them to use unique passwords.

Google

The extension will “remember a partial fingerprint version of your Google password” and notify you when you are at risk of being “phished.” Nearly two percent of all messages sent to Gmail accounts are designed to trick you into giving up your passwords, and the most effective phishing attacks can succeed as often as 45 percent of the time, according to Google.

[Related Analysis: Google for Work vs. Microsoft Office 365: A comparison of cloud tools]

“It’s really tough for users to know which sites are bad versus which sites aren’t,” Feigenbaum says, and adds that even “smart Googlers” occasionally fall victim to well-orchestrated ploys.