At the beginning of the year, Google presented the new Password Checkup extension, a useful tool to check if the personal credentials used to access the various websites had been stolen during some attacks.
Now, Google spokesmen have just announced that 1.5 percent of all passwords currently used on the web have been stolen by cybercriminals and are therefore available to them.
Google: 1.5% of passwords used by users today are in the hands of cybercriminals
Once installed, the Google Password Checkup extension checks the usernames and passwords used. By displaying an alert message when the use of credentials known to remote attackers is detected.
The extension is a fruit of a collaboration with Stanford University academics. It does not track user credentials and search on a database of over 4 billion username-password pairs known to cybercriminals.
Of around 21 million credentials automatically examined by the extension, Google explains that 315,000 are involved in various attacks.
The practice that consists of re-using the same passwords on multiple websites is still very common among users. Google reminds you that passwords must be unique and you must never use the same password to access multiple services.
Google explained that the goal of the Password Checkup tool is also to urge users to replace simple passwords. With more complex ones, certainly less vulnerable to attacks.