October 4, 2019
For Cybersecurity Awareness Month, Google is introducing three tools to give users more control over their data when using Google Assistant, Google Maps and YouTube. Maps will roll out “incognito mode” for Android users this month and include iOS users soon. YouTube will feature the “rolling auto-delete” feature available for location and web data history. The company will also build its password checkup into account controls, to make it easier for the user to determine if her logins have been part of a security breach.
The Verge reports that, according to Google director of product management, privacy and data protection office Eric Miraglia, when incognito mode is enabled, Maps activity — such as places the user searches for — won’t be saved to the user’s Google account or used to personalize Maps experiences. The rolling auto-delete feature for YouTube allows the user, said Miraglia, to “set the time period to keep your data — 3 months, 18 months, or until you delete it, just like Location History and Web & App Activity — and we’ll take care of the rest.”
Google is also allowing users to “wipe recent voice commands or questions to Google Assistant without having to open an app on your phone,” such as saying, “Hey Google, delete the last thing I said to you.” This voice command is limited however, to a week’s worth of Google Assistant history.
Elsewhere, The Verge reports that Google’s password manager, which syncs across Android and Chrome, has a checkup feature to “analyze your logins to ensure they haven’t been part of a massive security breach.”
Previously available as an extension, “now, Google is building it right into Google account controls” and featuring it at the URL shortcut to the password manager (passwords.google.com). The user’s credentials “are compared against the millions upon millions of known compromised accounts that’ve been part of major breaches.”
If compromised, “Google will encourage you to change the affected password.” The company will also encourage users to adopt unique logins if it sees the user reuses passwords and strengthen weak ones.
Google emphasized that Password Checkup is encrypted, and that “in the database [passwords] are stored in a hashed and encrypted form.” The Verge notes that “consumers are increasingly being asked to store their passwords in several places at once … [and] the potential for mismatches or having an old, incorrect password in one of these places is pretty high.”
Google “doesn’t really have a great answer for this issue, but says that it supports importing passwords and will be working to make that process smoother over the coming months.”
As part of Cybersecurity Awareness Month, Google also teamed up with The Harris Poll to check on how people’s “password habits” in the U.S. The results were that only 37 percent are using “extra security measures like two-factor authentication” and 15 percent use password managers. Two-thirds said they use the same password for more than one account.