PassProtect is a free, open source code, program extension tours Chrome, which warns you when you are about to create online accounts using insecure passwords or when you are about to sign in to an account using a weak password.
Most online sites and services have a very relaxed policy when it comes to passwords that users can choose from. This is one of the reasons why many internet users choose easy passwords. The downside to this is that these passwords can be "guessed" easily, using a process called brute force attacks (is the continuous and non-stop testing of potential keys until the correct password is revealed) or using known passwords from previous breaches that have already been leaked to the Internet.
The PassProtect is a simple add-on for Chrome that every time you type a password in your login or registration form, it is automatically checked against the database data of the serviceHave I Been Pwned", Using the password hash (in other words, the selected password is not transmitted to the service as it is, but encrypted, ie only its hash).
Have I Been Pwned is a free online service that maintains a database of known account breaches and stored passwords that have occasionally been used and disclosed worldwide. You can use it independently of the addon, to check if your accounts related to email addresses post officeyour account, have been leaked or stolen in breaches, and if a password of yours is in the service's database (i.e. it has been leaked in the past).
PassProtect automates the above process and when it detects the password already in its “Have I Been Pwned” database, it displays a warning window on the screen. Although PassProtect does not prevent you from continuing, on the contrary, it gives you the option to use the insecure password to create the account you want or to continue using it. useste to log into your existing account, it's not the best idea to continue ignoring the warning.
If a password is detected in the Have I Been Pwned database, it is likely that attackers will easily detect it since these databases have come from previous breaches and as a password already exist in the hackers' databases.
The creators of the extension they simply recommend that you change the password immediately or choose a different password when creating the account.
