Passwords stolen warning from Google

TheVigilante

Banned - Multiple Rules Violations
Joined
Aug 31, 2010
Messages
15,003
Reaction score
16,106
Google Chrome Will Now Warn You If Your Web Passwords Have Been Stolen

wtf we already know they store passwords in flat text unencrypted lmao

https://www.forbes.com/sites/thomasbrewster/2019/12/10/google-chrome-will-now-warn-you-if-your-web-passwords-have-been-stolen/
 
Well, the news says

To do this, Google first turns the password you’re entering into what’s known as a hash by putting it through an algorithm that turns it into a collection of letters and numbers. That string—which might look something like 855c3697d9979e78ac404c4ba2c66533—is the hash. If the same password exists in Google’s trove of previously stolen logins, it would’ve gone through the same hashing algorithm and so a hash match will be found. That will show the password has been leaked without having to look at the actual login info.
So, I guess it's not that bad afterall. This means that Google will compare hashes, not the actual strings. That being said, hash used by the author is md5; which is very easy to crack these days. Not sure if the real ones will be something else... If they are secure enough, I won't have any problem.

Edit: Also, I think it is better for google to check the password than me entering my password in an unknown site. The unknown ones could easily store the searches if they wanted to, and then check against other hashes to find out if I exist in some db. I believe Google will be safer in this regard.
 
Last edited:
Back
Top