Wednesday, May 22, 2024

PassProtect – Google Chrome Plugin Tell You If your Password has Been Breached

A new free Chrome extension “PassProtect” to check in real-time whether you have been using already a breached password in the past.

It quickly checks your password with Have I Been Pwned that contains hundreds of millions of leaked accounts. If your password found in the list, then it shows “unsafe password detected” and the password is found in the 68,340 data breaches.

Okta introduced the new Chrome plugin powered by the HaveIBeenPwned database ” PassProtect quickly alerts users of possible “riskier” passwords so they can take action immediately and without compromising privacy.”


To check the password with Have I Been Pwned API PassProtect using k-anonymity communication protocol that ensures that your passwords are never seen, stored, or sent over the network during this checking process.

PassProtect is published under the MIT license so developers can integrate directly to the website or the app, it is available only for Chrome now and will be soon to Firefox.

Here is the list of worst passwords used in 2017 that extracted by SplashData from Five million passwords leaked.


Last year many of critical data breaches have been reported and many of organization lost million of sensitive data’s and millions of customer passwords that have been stored even in plain text.

Targeted attacks are becoming more frequent, and more successful, and this poses a serious challenge for security administrators everywhere.

With haveibeenpwned you can check that your account has been compromised in the largest breaches.


It was launched by Hunt to help organizations avoid using passwords that have previously appeared in a data breach or have been otherwise compromised in the past.


Latest articles

OmniVision Technologies Cyber Attack, Hackers Stolen Personal Data in Ransomware Attack

OmniVision Technologies, Inc. (OVT) recently disclosed a significant security breach that compromised its clients'...

Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code

The widely used team workspace corporate wiki Confluence has been discovered to have a...

Threat Actors Leverage Bitbucket Artifacts to Breach AWS Accounts

In a recent investigation into Amazon Web Services (AWS) security breaches, Mandiant uncovered a...

Hackers Breached Western Sydney University Microsoft 365 & Sharepoint Environments

Western Sydney University has informed approximately 7,500 individuals today of an unauthorized access incident...

Memcyco Report Reveals Only 6% Of Brands Can Protect Their Customers From Digital Impersonation Fraud

Memcyco Inc., provider of digital trust technology designed to protect companies and their customers...

DoppelGänger Attack: Malware Routed Via News Websites And Social Media

A Russian influence campaign, DoppelGänger, leverages fake news websites (typosquatted and independent) to spread...

Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack

A new critical vulnerability has been discovered in Fluent Bit's built-in HTTP server, which...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles