Okta’s PassProtect checks your passwords with ‘Have I Been Pwned’

Okta just launched a free browser extension for Google Chrome today. After installing PassProtect, your browser will compare the passwords you type with Troy Hunt’s Have I Been Pwned.

This extension isn’t necessarily for you, tech savvy readers of TechCrunch. But it could be a great way to warn your neighbor who doesn’t know anything about computers. Maybe their Gmail password has been part of a data breach.

Have I Been Pwned is a big database with all the passwords that have leaked over the years. There have been security breaches at Dropbox, LinkedIn, Tumblr or Adobe services. So chances are you’ve been pwned in the past.

That’s why you should be using a password manager, a different password for each online service and two-factor authentication when it’s possible. And that’s also why many companies rely on Okta to secure your authentication to a company’s intranet.

But the vast majority of users don’t do that.

So the next time you visit your relatives, you could install this extension for basic security checks. The extension uses k-Anonimity to check your password against Hunt’s database securely. Your passwords are never shared with Okta or Have I Been Pwned. The extension is also open source.