PassProtect is a free, open source, Chrome browser extension that warns you when you're about to create accounts on Internet using insecure passwords access or when trying to log into an account using a weak code access.
Most online sites and services have a very relaxed policy when it comes to passwords that users can choose from. This is one of the reasons why many internet users choose easy passwords. The downside to this is that these passwords can be "guessed" easily, using a process called brute force attacks (is the continuous and non-stop testing of potential keys until the correct password is revealed) or using known passwords from previous breaches that have already been leaked to the Internet.
The PassProtect is a simple add-on for Chrome, which every time you enter a password in one of your logins or in a registration form, it is automatically checked in relation to the service database "Have I Been Pwned", Using the password hash (in other words, the selected password is not transmitted to the service as it is, but encrypted, ie only its hash).
Have I Been Pwned is a free online service that maintains a database of known account breaches and stored passwords that have occasionally been used and disclosed worldwide. You can use it independently of the addon, to check if your accounts related to your email addresses, have been leaked or stolen in breaches and if a password of yours is in the service database (ie it has been leaked in the past).
PassProtect automates the above process and when it detects the password already in its “Have I Been Pwned” database, it displays a warning window on the screen. Although PassProtect does not prohibit you from continuing, on the contrary, it allows you to use the ifsafe password to create the account you want or continue using it to sign in to your existing account, it's not the best idea to continue ignoring the warning.
If a password is detected in the Have I Been Pwned database, it is likely that attackers will easily detect it since these databases have come from previous breaches and as a password already exist in the hackers' databases.
The creators of the extension they simply recommend that you change the password immediately or choose a different password when creating the account.
