Google chose Safer Internet Day to announce Password Checkup, a Chrome extension designed to warn users when they enter a username and password the company has detected in a data breach.
As with the Mozilla’s recently-launched and very similar Firefox Monitor, Password Checkup has a simple surface level the user interacts with built on top of more complicated inner workings that take more explaining.
The simple bit
After downloading from the web store, Password Checkup installs like any other extension as an icon in Chrome’s address bar.
Every time the user logs into a website, the extension checks a hashed version of the password and username used against a database of four billion possibilities amassed by Google from real data breaches, warning if it finds a match.
This presents a choice – log into the website, change the password to something unique, after which Password Checkup will stop issuing warnings for that site, or unwisely ignore the warning by clicking ‘close’.
The warning will keep popping up for that site unless the user also clicks ‘ignore for this site’ after which re-enabling warnings requires the user to click on the address bar icon, select advanced settings, and hit ‘clear extension data’.
To avoid alert fatigue, it won’t warn people if it detects trivial passwords (‘123456’) and only activates when both the username and password are in its database.
Before diving into how Google does the credential checking, a blog accompanying the announcement by the company’s senior product manager Kurt Thomas made this interesting admission.
We already automatically reset the password on your Google Account if it may have been exposed in a third-party data breach – a security measure that reduces the risk of your account getting hacked by a factor of ten.
In other words, the company has been conducting password breach checking for Google and G Suite accounts for some time.
Google alluded to this as far back as 2014, which tells us that today’s expanded Password Checkup hasn’t come out of nowhere.
Since then, it’s been quietly building its own database of breached credential as it finds them on the internet, which potentially crosses over with but is not identical to that collected by Have I Been Pwned (HIBP) used by Firefox Monitor.
The complicated bit
As with Firefox Monitor, an important issue is how Google checks the passwords and usernames entered by the user against its database without that data being leaked either to it or to anyone else hypothetically intercepting the query. Nor does it want to leak its database back to the user. Writes Google:
Password Checkup addresses all of these requirements by using multiple rounds of hashing, k-anonymity, private information retrieval, and a technique called blinding.
Indeed, Google says it was so concerned about user privacy, it consulted with cryptography engineers at Stanford University to help it make the system secure.
The result of that collaboration is that Google hashes new entries into its central database of breached passwords and usernames using the Argon 2 hashing algorithm, encrypting the output using elliptic curve encryption. One 2-byte prefix of the hash is left unencrypted for indexing.
When a user logs into a website with the extension running, it performs an identical but local process on the user’s credentials, this time encrypting it using a secret key at the user’s end – all that is sent to Google is the anonymous 2-byte part of the hash.
Google then returns to the user an encrypted database of every username and password that shares the same prefix. The final search for a match between the user’s credentials and the database is done locally while keeping the user’s account details and the database secure.
It’s like a more developed form of the k-anonymity principle Firefox Monitor uses to query the HIBP database hosted by Cloudflare.
Of course, this being Google, Password Checkup is bound to arouse some suspicion. It appears Google has gone to some lengths to allay these fears but our advice to anyone who feels strongly is simply not use it!
Bryan
Pretty interesting concept. I must admit I began this article with a fair deal of indignation, which has downgraded (after having read the deets) to apprehensive curiosity.