Google research suggests you’re not as security conscious as you think you are

Patrick Devaney


If you think you’re a security conscious individual when it comes to being online, we have some news that may shock you. Even if you don’t think about yourself that way this is still going to be pretty shocking. New research by Google shows that a lot of us have a pretty lax attitude to password safety.

Many of us use passwords that have already been breached and, even worse, a lot of us continue to use breached passwords after we’ve been told they have been compromised. What are we thinking people? Maybe, we should look at these numbers in a little more detail.

According to Google over 80,000 people ignored breach alerts about their passwords

username and password

Google has been looking into its Password Checkup extension for Google Chrome to try and learn a little about our attitudes to our online safety. Password Checkup scans all of your login credentials when signing into your online accounts and then checks them against all the known sets of login credentials that have been affected by data breaches. In essence it tells you, if your password has fallen into the hands of hackers or not. The results of Google’s study have been a little surprising to say the least.

Since it was first launched, the password checkup extension has been downloaded over 650,000 times. If you think about how many different web accounts each of those users has, you’ll know that that number gives the extension access to a lot of usernames and passwords. Of those, Google looked at  21,000,0000 and found that over 316,000 of them were unsafe. This works out at about 1.5%, which isn’t much at all but makes sense when you consider that the people who will have downloaded Password Checkup in the first place will have been security minded individuals. What comes next though, does not make sense at all.

pasword checkup notification
Image via: Google Blog

When Password Checkup alerted these users to their breaches, the numbers weren’t as impressive. The report says that 26% of users changed to new passwords and 94% of these new passwords were at least as secure as the old ones. The weird thing though, is that 25.7% of the people warned that their passwords had been breached ignored the warnings. A massive 81,368 people were told their usernames and passwords had been leaked in a data breach and did absolutely nothing about it.

Something to think about

It is very important that you use unique login details for all of your online accounts and change them as soon as you hear they’ve been caught up in a breach. If you have unique credentials, you’ll only have to do this once. If you don’t, you’ll have to do this for every account you have with the same details as the people who bother to steal passwords in the first place will also bother to check them against every account you have.


In this regard, we can’t recommend using a password manager like LastPass highly enough. Password managers generate strong passwords automatically and will also let you know, if you are using the same security credentials on more than one account. It is likely that the people who ignored the breaches couldn’t be bothered making the changes because they’d have to change a lot of details for it to make a difference. A password manager like Last Pass does all of this hard work for you so if you have been breached but couldn’t be bothered to make any changes, download Last Pass and let it do the work for you.

On top of this, you should also be pleased to know that Google is working on integrating the Checkup Extension into Chrome directly so soon all Chrome users will be notified, if their login details have been compromised.

You may also like