Google: only 26% of users agreed to change their password when they learned that it was compromised
In the spring of this year, Google developers introduced the Password Checkup extension for the Chrome browser, created in conjunction with specialists from Stanford University. The main objective of the extension was to check whether the user’s passwords has been compromised.
The extension starts every time a user logs into an online service.Password Checkup checks the entered username and password (it doesn’t matter if they were entered manually or using the password manager), looking for matches in a secure database containing more than four billion credentials.
If user credentials are found in the database, the extension warns the owner of the browser about potential insecurity and recommends changing them.
“We propose a privacy-preserving protocol whereby a client can query a centralized breach repository to determine whether a specific username and password combination is publicly exposed, but without revealing the information queried”, — claim Google developers.
Now, Google engineers have published anonymous statistics collected by Password Checkup from February 5 to March 4, 2019.
As it turned out, only in 1.5% of cases out of 21,177,237 recorded user logins, they were warned of compromise because of various data leaks. That is, 316 531 logins were recognized as unsafe for approximately 670,000 users who had installed the Password Checkup extension at that time.
Read also: Google Play clicker Trojan installed over 100 million times
Interestingly, of all users who were warned about credential problems, only 26% decided to change insecure passwords.
“By alerting users to this breach status, 26%% of our warnings result in users migrating to a new password, at least as strong as the original”, — said Google specialists.
In approximately 60% of cases, the password change was successful, so, users were choosing more secure options than the original ones. Additionally, at least 94% of the passwords turned out to be as strong as the original passwords (that is, it didn’t get any worse).
Most often, problems with credentials were found on adult sites and entertainment resources, for example, streaming services. In particular, on porn sites accounted for 3.6% of all warnings, and on entertainment sites – 6.3%.
User Review
( votes)( reviews)
One Comment