Tech giant Google has released the stable version of its Chrome 67. It is being rolled out for Linux, Windows, and macOS. For desktop, the update is equipped with new features for AR and VR improvement. there is support for Generic Sensors API and other fixes.
Chrome 67 denigrates the HTTP Based Public Key Pinning (HPKP) security feature.
The company has resolved 34 security fixes with Chrome 67. Strict isolation feature has been continued. By enabling Site Isolation, pages from different sites run in different processes with each process blocked from receiving particular types of sensitive data from other portals.
It included new Generic Sensors API which permits websites to access data from a device’s gyroscope, motion and accelerometer sensors. WebXR Device API is also included as developers can build AR and VR experiences for desktop-based and mobile-based VR headsets.
Chrome 67 doesn’t support HTTP-Based Public Key Pinning standard.
Okta has also introduced a password-security plugin in Chrome. It is called PassProtect. The PassProtect Chrome plugin will report to you how many times a password you have used has been subjected to a data breach. After installing PassProtect Chrome plugin, you need to go to the login page of a website which you usually use. After that enter your password and click enter. A window pop up will appear. It will warn you that, “The password you just entered has been found in 26 data breaches. This password is not safe to use.”
After dismissing it, its all up to you whether you want to change the password or not. The warning won’t appear on the same website ever again.
According to the Okta, PassProtect Chrome plugin gets its information from “Have I Been Pawned” portal. It keeps the information of all hacked passwords. An individual can go to the portal and check for themselves also.
Currently, PassProtect Chrome plugin works only on Chrome. It will come soon on Firefox too. It only facilitates passwords and nothing else.