Google has launched Password Alert, an open-source Chrome extension that helps protect Google and Google Apps Accounts from phishing attacks and encourages people to use different passwords for different sites.
When an employee with Password Alert installed enters their Google password into any site other than an authentic Google sign-in page (accounts.google.com), that employee will receive an email notifying them to change their password.
The free Chrome extension will issue a warning when people use their Google password to log in to other legitimate sites. It generates a warning that the user has just been phished and should change the password immediately. Once a user installes and initializes Password Alert, Chrome will remember a “scrambled†version of your Google Account password. It only remembers this information for security purposes and does not share it with anyone.
Moving on, if you type your password into a site that isn’t a Google sign-in page, Password Alert will tell you that you are at risk of being phished so you can update your password and protect yourself.
In addition, Google Apps admins can choose to deploy an App Engine App that allows for, among other things, auditing and notifications to admins when employees enter their passwords into non-Google websites, and the ability to force those employees to change their passwords after doing so.
As an admin, you can install the Password Alert Chrome extension for all or some members of your domain.
To get started with Password Alert, visit the Chrome Web Store.