Just head over to the service’s website and enter a password in the form. You do not necessarily have to enter a password that you use actively. You can alternatively enter a comparable password to find out how long it would take to hack your password with a brute force, or maybe a combined dictionary and brute force attack.
Recently, hackers hacked into the databases of various public and private organizations (Sony, MySpace, Gawker, PBS, etc) and released millions of user accounts along with associated emails and passwords. Since there are a number of different databases, it is not really viable to check them on your own and see if your account was also leaked.
Should I Change My Password is a useful website that was created to help you easily check if your account was among those released to the public by hackers. The site uses databases released by hackers to check and match your email against the records in those databases. Simply enter your email and click “Check it!”.
If your email is found among the records, you should immediately change your password to protect your account.
Features:
Check out ShouldIChangeMyPassword @ www.shouldichangemypassword.com (via Lifehacker)
If anyone is in the area feel free to stop down and play a few levels
FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.
It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK)
It’s kind of like Firesheep for android. Your phone must be rooted to use this program.
Originally it started off for just Facebook but the author has added support for these other sites: FaceBook,Twitter,Youtube,Amazon,Nasza-Klasa
At Defcon 2010 on Thursday, at a specified time, KoreLogic will release a file containing 53,000 password hashes. The file will contain passwords of varying types (such as SHA, SSHA, MD5, DES, Lanman, NTLM, etc.) and will range from being “easy” to extremely difficult to crack. The password file is not simply 53,000 randomly generated passwords which would favor the person or group with the most GPU/CPU bruteforcing horsepower. Instead, the password file contains passwords based on what we believe are challenging patterns. Passwords will be of varying lengths, patterns, and complexity. Creative password cracking techniques, rules, dictionaries, and tools will be needed. The teams who are smart about the methods they use (i.e., teams who can crack more, with less work) will most likely be the most successful.
KoreLogic will be giving away the following prizes for first, second, and third place:
More Info: http://www.korelogic.com/defcon_2010-contest.html
Well we finally had enough time away from the lab to get around to the Kontest for the free Kon Boot license. The contest will be to write an article for our site on a password tool of your choice, it has to be a tool we haven’t covered already (but not an obscure tool that is only useful to a handful of people and no Nirsoft tools :p ). It can be a recovery tool, cracker, exploit etc… it doesnt have to be a long article, just as long as your covering the basics of how to use the tool and maybe some examples. The contest will end next Monday so get those articles in to . 10 lucky winners will receive the licenses shortly afterwards
A hacker named Kirllos seems to have sold close to 700,000 accounts, and has a rare deal for anyone who wants to spam, steal or scam on Facebook: an unprecedented number of user accounts offered at rock-bottom prices. Kirllos’ Facebook prices are extremely cheap compared to what others are charging. In its most recent Internet Security Threat Report, Symantec found that e-mail usernames and passwords typically went for between $1 to $20 per account — Kirllos wants as little as $0.025 per Facebook account.
