Life these days has become largely dependent on passwords – whether we’re checking our emails, transferring funds or shopping online, passwords have their part to play. We’re constantly bombarded with horror stories of security breaches, fraud, and phishing sites. Users are consistently told that a strong password is essential these days to protect private data. Why is it, then, that users on websites opt for the same, consistent, insecure passwords time after time?

Taking an aggregate sample of passwords (primarily from the UK), we take a look at the most commonly occurring. If you spot your own password listed – it might just be time for a change!
(more…)

Chrome stores saves passwords in CLEAR TEXT.

1 ] Go to any site that allows you to sign in ex. webmail.pair.com

2 ] Enter your fake username. Enter a false (incorrect) password

3 ] Allow Chrome to save password ( It will prompt below the address bar)

4 ] Close Chrome

5 ] Locate and change directory using the command prompt to the path below

%:\Documents and Settings\%user name%\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session ( Path might be different in Vista )

6 ] Note that the “Current Session” file needs to be present in your
“\Application Data\Google\Chrome\User Data\Default\” directory

7 ] Type this command in cmd : find “&secret” “Current Session”

8 ] You can see that its stored in clear text.
example:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\C
hrome\User Data\Default>find “&secret” “Current Session”

---------- CURRENT SESSION
login_username=FakeUser&secretkey=FakePass&x=18&y=8B

Need to secure your usb drive? Click Here!

A free Oracle password cracker written completely in PL/SQL. It is not the intention to replace the fast C based crackers such as woraauthbf but instead to suppliment it and to promote the need to check for weak passwords in customer databases but allow the customer to have a safe and easy method to do it that doesn’t involve downloading binaries, oracle clients, ssl dlls and more.
More info can be found at the author site.
http://www.petefinnigan.com/oracle_password_cracker.htm

As you know AT&T is the only carrier for IPhones (unless its jailbroken). For many people jumping on the IPhone craze do not know that the convenience of listening to your voicemail from your Iphone (or any AT&T phone for that matter) is a huge hole. The AT&T voicemail system is configured by default not to ask for a password when you check your voicemail from the handset (it asks for your voicemail password if you call your number from another phone and press * when your voicemail answers). (more…)

ElcomSoft Claims 1 Billion Passwords/Sec Recovery; Uses GPUs in Parallel
Distributes tasks to multiple NVIDIA video accelerators

ElcomSoft has released a new version its Distributed Password Recovery program for recovering system and document passwords at speeds of up to 1 billion passwords per second. (more…)

Does it live up to it’s name? Right now on nVidia 9600GT/C2D 3Ghz CUDA version does 350 M keys/sec, SSE2 version does 108 M keys/sec.

• CUDA version only:nVidia GeForce 8xxx and up, at least 256mb of video memory.
• LATEST nVidia-driver with CUDA support.Standard drivers might be a bit older (as CUDA 2.0 is still beta)
• CPU with SSE2 support (P4, Core2Duo, Athlon64, Sempron64, Phenom).
• Recommended 64-bit OS (WinXP 64 or Vista64). 32-bit version is also available.

(more…)

Introduction

This tutorial walks you through cracking WPA/WPA2 networks which use pre-shared keys. I recommend you do some background reading to better understand what WPA/WPA2 is. The Wiki links page has a WPA/WPA2 section. he best document describing WPA is Wi-Fi Security – WEP, WPA and WPA2. This is the link to download the PDF directly. The WPA Packet Capture Explained tutorial is a companion to this tutorial.
(more…)

When you visit website ftp site in Internet Explorer version 4.x-6.x and you choose the “Remember password” when you login, the password is saved in the Protected Storage in the registry, and this utility can recover it.

The Protected Storage information is saved in a special location in the Registry. The base key of the Protected Storage is located under the following key: “HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider”
You can browse the above key in the Registry Editor (RegEdit), but you won’t be able to watch the passwords, because they are encrypted. Also, some passwords data are hidden by the operating system.

We are releasing a Demo version of IE Recover that recovers the first 3 characters of your password.

Download IE Recover Demo

[downloadcounter(IERecover)] downloads

The full version is available for $4.99 that shows the complete password.
Built in pure Assembly language this program is only 7kb and fits perfectly on a thumbdrive to carry with you anywhere.

Help support this site by purchasing it ,so we can continue to off you the latest password recovery info.

You can purchase through paypal or e-gold from the links below. Thank you.

Synopsis

The password checking routine of DriveCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords.

(more…)

The password checking routine of SafeBoot Device Encryption fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.
(more…)