Security experts have offered a mixed assessment of
Google’s new Password Alert security, a Chrome extension designed to make it harder for phishing sites to steal Google account credentials by impersonating the search giant's login page.
The principle behind it is straightforward enough; if a user enters their Google password into a site that isn’t Google’s a warning message flashes on screen (see above) telling them that it has been exposed and suggesting a reset. It does this simply by comparing a hashed and locally stored version of the Google password to each one entered.
Google estimates that 2 percent of messages sent to its users are phishing attempts of one sort of another which presumably means they are filtered out, Still, a good idea’s a good, right?
