Password Checkup in Chrome OS 79 warns of stolen online credentials. Here’s how it works.

Google on Tuesday announced that Chrome and Chrome OS 79 includes the Password Checkup feature, as expected. Previously, this feature was available as a Chrome extension, meaning that it was up to users to install the security feature, many of which likely had no idea it was available.

By moving Password Checkup directly into the platform, more users will be protected online thanks to notifications when an entered password is recognized against a database of stolen credentials.

The Google Security Blog has a detailed technical writeup of how this all works behind the scenes and it’s interesting reading.

But if you’re a visual kind of person, this infographic also explains it nicely.

Essentially, when Google sees an entered online password in Chrome OS, it compares it to a hashed database of known cracked credentials. All of the credentials are encrypted with a private key that only Google has. If a match is found, a second secure credential check takes place locally on your Chromebook.

Google says the database has over 4 billion such breached username and password combinations. So how can it quickly search for your credentials in a massive data set?

A 3-byte SHA256 hash prefix is attached to your username “to reduce the scale of the data joined from 4 billion records down to 250 records, while still ensuring your username remains anonymous.” Impressive.

Although version 79 of Chrome is expected out today for most devices, Chrome OS 79 won’t likely drop until next week according to the Chromium Dash Calendar. Once it does, you’ll have the Password Checkup feature installed on your Chromebook.

About the author

Kevin C. Tofel has covered technology since 2004. He's used ChromeOS since Google debuted the CR-48 in 2010, reviewing dozens of Chromebooks since then. He worked for Google's Chrome Enterprise team from 2016 to 2017, supporting the launch of Android app support. In his free time, he uses Chromebooks to learn software engineering at Launch School. In 2019, Kevin joined the CS Curriculum Committee at his local community college.

Liked this content? Subscribe for the free, weekly newsletter

3 thoughts on “Password Checkup in Chrome OS 79 warns of stolen online credentials. Here’s how it works.

  1. I found 79 beta to be so unstable I gave up and went back to 78. I can tolerate a lot of glitches, but they seem to be breaking things that used to work frequently. It might be different if I saw bugs I reported actually being fixed.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top