Google's Chrome browser will warn users, consumer and enterprise, if they have put their passwords at risk of phishing attacks thanks to a new extension.
The extension is called Password Alert and is available now. Simply put, it alerts users to any threats and prompts them to change their passwords.
"If you enter your Gmail or Google for Work password into anywhere other than accounts.google.com, you'll receive an alert, so you can change your password if needed," explains Google on its extension information page.
"Password Alert also tries to detect fake Google sign-in pages to alert you before you've typed in your password. To do so, Password Alert checks the HTML of each page you visit to see if it's impersonating a Google sign-in page."
Phishing attacks are a real threat to businesses and it is often of combination of styles, including other social engineering efforts, that have granted hackers to a collection of companies.
Users that adopt the Alert extension will find that it comes to life the very next time that they enter their password. It will store a seure thumbnail of the password, rather than a full encrypted version and use that as a comparison against later password use. If the user is putting the password into a non official system they will be alerted and advised to change their logins.
The release of the open source extension has benefits, but also some critics. Kevin Epstein, VP of advanced security and governance at Proofpoint, suggested that there are better prophylactic measures out there.
"Google's plugin effectively ensures users will have to use a different password for Google than they use anywhere else, or they'll be plagued by a constant pop-up warning," he said.
"While this may reduce the incidence of accidentally revealing one's Google password, it might also train users to ignore security warning pop-ups - and in either case, does nothing to block phishing emails or possible other site compromises."
Intel wants to get inside your car, despite missing out on mobile
'We'll keep fighting to fight to keep the web free and open,' claim EFF
Breached in March by the same attackers, claim 'insiders'
And all for less than £150, according to Keith