April 29, 2015

There is no such thing as foolproof security because fools are very ingenious. Google can hire the best security engineers or harden its servers but it can’t stop fools like us from entering our Gmail password on the first fake login page we come across. If it’s online and has the Google logo then it’s OK, right?

To help discourage fools from finding the loopholes in every security measure, Google released a new extension for Chrome called Password Alert. This extension is designed to deal with phishing sites that use fake login pages to steal passwords. It cannot prevent you from actually entering your password on such sites (preventing human stupidity would be a titanic task), but it will warn you immediately and let you reset your Gmail password right away, before your account can be compromised. Phishing is one of the most serious problems in information security. According to a report published by Verizon earlier this month, a phishing email that lands on a company’s network is opened by 23% of recipients and, most disturbingly, 11% of recipients click on the malicious attachments.

Password Alert has another important feature: if you try to reuse your Gmail password to sign in to some other site, it will launch the same warning as for phishing sites. Maybe the annoyance of getting this warning will stop users from reusing the same password across multiple sites. Remember that when you do this, your information is only as protected as the weakest security link. Hackers learned this long ago. They know that passwords are generally shared between sites, so one tiny security breach at one of them and, voilà, access has been granted to all your data.

Hopefully Google’s approach will catch on and other Internet services and browsers will follow, inspiring a new form of password hygiene. Meanwhile, remember to:
• Change your passwords regularly
• Never use the same password across different sites
• Enable 2-step verification whenever possible

