PassProtect is a free, open source, extension of the proletterChrome browser, which warns you when you're about to create online accounts using insecure passwords or when you're about to sign in to a account using a weak password.
Most online sites and services have a very loose policy when it comes to passwords that users are allowed to choose. This is one reason why many internet users choose easy passwords. The downside to this is that these passwords can be easily guessed using one procedure called brute force attacks (is the continuous and non-stop testing of potential keys until the correct password is revealed) or using known passwords from previous breaches that have already been leaked to the Internet.
The PassProtect is a simple add-on for Chrome, which every time you enter a password in one of your logins or in a registration form, it is automatically checked in relation to the service database "Have I Been Pwned", Using the password hash (in other words, the selected password is not transmitted to the service as it is, but encrypted, ie only its hash).
Have I Been Pwned is a free online service that maintains a database of known account breaches and stored passwords that have occasionally been used and disclosed worldwide. You can use it independently of the addon, to check if your accounts related to your email addresses, have been leaked or stolen in breaches and if a password of yours is in the service database (ie it has been leaked in the past).
PassProtect automates the above process and when it detects the password already in its “Have I Been Pwned” database, it displays a warning window on the screen. Although PassProtect does not prevent you from continuing and instead gives you the option to use the insecure password to create the account you want or continue to use it to sign in to your existing account, it is not the best idea to continue regardless of the prenotice.
If a password is detected in the Have I Been Pwned database, it is likely that intruders will easily detect it as these databases have been compromised in the past and already exist as a password in their databases. hackers.
The creators of the extension they simply recommend that you change the password immediately or choose a different password when creating the account.