Maximum PC Password RSS Feed

Unbelievable: "123456" Most Common Hotmail Password

Paul Lilly — Wed, 07 Oct 2009 12:00:02 -0500

Over 10,000 Hotmail email accounts were leaked to the web earlier this week as the result of a massive phishing scam, which may not have taken a whole lot of effort. After all, if you're going to choose "123456" as your password, compromising your account is like shooting fish in a barrel.

In this case, there were 64 said fish in a barrel full of over 10,000 compromised Hotmail accounts, making it the most commonly used password of the bunch, according to a researcher who combed through all the posted accounts.

About 42 percent of the passwords consisted of lowercase letters from "a" to "z," and just 6 percent secured their email accounts by mixing alpha-numeric characters. And almost 2,000 passwords were only six characters long (the longest was 30 characters).

An interesting side note - a bunch of the top 20 passwords were Spanish names, which might suggest that the victims were of Spanish origin or lived in Spanish-speaking communities, Wired.com reports.

Comcast Freezes Accounts After Thousands of User Passwords Found Online

Andy Salisbury — Tue, 17 Mar 2009 14:54:54 -0500

Comcast has frozen more than 8,000 users names and passwords for Comcast email addresses, a full two months after they were uncovered on the document-sharing site, Scribd.

Scribd reportedly has removed the list thanks mostly to The New York Times’ Brad Stone, who told them once he caught wind of the matter. Stone, who was contacted by one of the customers on the list, writes, “The list on Scribd was one of four results, and it also included his password, which was a riff on his love for a local sports team. Statistics on Scribd indicated that the list, which was uploaded by someone with the user name vuthanhan2004, had been viewed over 345 times and had been downloaded 27 times.”

Comcast claims that the accounts information ended up on the list through a series of phishing attacks on users, and that it wasn’t an internal leak.

One Third of People use One Password for Every Site They Visit

Paul Lilly — Fri, 13 Mar 2009 09:15:46 -0500

Password. Letmein. Asdf. Blahblah. Monkey. 1234. These are just some of the most commonly used passwords being used around the web, but even worse than using a boneheaded password is using the same one for every registered website. Nothing new, right?

Apparently it is, at least for one-third of respondents who participated in an online survey conducted by security outfit Sophos. According to Sophos, only 19 percent of respondents said they never use the same password for multiple websites. Almost half admitted to using a few different passwords, and 33 percent fessed up to using the same password all the time.

To state the obvious, using a single password for multiple websites makes it easy for hackers to wreak more havoc should the password become compromised. But obvious as basic security may seem, it's not being practiced by many. Recent examples include high profile Twitter account hijackings, including the ones belonging to President Barack Obama, Britney Spears, and Fox News, and the discovery that the population at large continues to use unimaginative passwords, such as selecting their first name.

How To: Recover Your Lost Windows User Account Password

Josh Kampschmidt — Wed, 18 Feb 2009 15:00:00 -0600

More likely than not, you’ve been asked in the past to help fix one of your friend’s or relative’s computers. Most of the time, the problems you’ve been brought in to remedy are basic malware or virus infections that you can address by grabbing the appropriate diagnostic and software removal tools stored in your trusty USB toolkit. But once in a while, you’ll be faced with a novice struck with the most basic and frustrating of problems: forgetting their Windows administrator login password. With no way to get into the system, you can’t even perform basic maintenance, let alone a thorough tune-up. Formatting is always an option, but we consider that a last resort. (Plus, guess who’s going to have to help reinstall all the programs lost after a wipe?) But all hope is not lost. There are a few ways to actually retrieve a lost Windows account password. Read on, and we’ll show you the light.

This guide is split into two sections. If you want to get rid of the old user account password, use Offline NT Password and Registry Editor. If you want to find out what the password is without changing it, then you need to use Ophcrack. There are a lot of Windows password revealers and crackers available, but we’ve found that these two programs are the most effective.

Time = 1 hour, 15 minutes

What You Need:

Offline NT Password and Registry Editor
Free, http://home.eunet.no/pnordahl/ntpasswd/
Ophcrack
Free, http://ophcrack.sourceforge.net/
A ISO burning utility, IsoBurn
Free, http://isoburn.sourceforge.net/

Use Offline NT Password and Registry Editor

Offline NT Password and Registry Editor is one of the easiest password recovery tools to use. It allows you to reset a user account password, including the Administrator password. It is also a relatively small download.

To download Offline NT Password and Registry Editor, click here. Save the zip archive to your Desktop.

Extract the archive and you will get an ISO file. Burn the ISO to a CD using any CD Burning software, such as, CDBurnerXP or ISOBurn.

After you get the ISO successfully mounted, put the disk in the drive and restart your computer. Make sure you set your BIOS to boot from the CD drive. You can change your boot order by accessing the boot menu with F10 before the OS loads.

The program will begin loading off the disk. You will get a line that states “boot:” press Enter and the process will continue

When the loading process stops again, press the “1” key. This will allow the program to search for all probable NTFS partitions.

When the program asks what the registry directory pathway is, press Enter. This will keep the default \Windows\System32\config directory.

You will now see a list of registry entries. For our purpose, you do not need to worry about anything, just press Enter. This tells the program we want to reset the password and loads the appropriate registry hive.

Now that the hive is loaded, press Enter on your keyboard to edit user data and passwords.

You will now see a list of all the user accounts present on the system. Find the user account you want to change and type the appropriate name. Make sure you enter the username EXACTLY as it appears and hit Enter.

Be careful when the program asks you what task you want to perform. You do not want to set a new password right now. This could cause serious problems when trying to boot a Windows XP, Windows Vista or Windows 7 operating system. Instead, press “1” to clear the password.

The program will give you a Password cleared message, indicating that the password removal was successful.

Now type an exclamation mark to return to the main menu. Press “q” to quit the program. On Step 4, make sure you save the changes; otherwise, the password will be left unchanged. To save the changes, type “y”.

When the program asks if you want to do a new run, press “n” since the password is already removed at this point.

To close the program and return to Windows, press Ctrl-Alt-Del. The computer will restart and the password should have been removed from the account.

Ophcrack the password

Ophcrack is a simple GUI-based utility that runs from a CD. The main reason we are using this utility is that it does not automatically remove the password, but instead shows you the password. Ophcrack uses a highly optimized version of rainbow tables, making it very efficient at discovering passwords. In fact, it can recover over 99% of alphanumeric passwords within minutes.

There are three different versions of Ophcrack. We are going to use the Live CD version of Ophcrack, because we are assuming that you do not have another user account to run the program. It has two different versions of the Live CD, one for Vista/Windows 7 and one for Windows XP.

Click here to download the Windows XP Live CD or click here to download the Windows Vista/Window 7 Live CD. Save the appropriate file to your Desktop and burn it to disc.

Once you get the CD burned, put the disk in your drive and boot from the disk. You may have to change the boot order so you can boot from the CD.

Ophcrack will begin loading and eventually present you with three options, graphic mode, VESA mode and text mode. We are going to use graphic mode since it is the simplest option, so highlight Ophcrack graphic mode and press Enter.

Ophcrack will start displaying a lot of text; don’t worry about what it says.

When Ophcrack starts, it will load the files it needs to run into RAM.

Once it is fully loaded into RAM, it will automatically start looking for passwords.

You will find the password under the LM Pwd 1 or NT Pwd sections on the progress tab. Once the program finds the password, feel free to click Stop. Make sure you write down the password since the program will not change the password. When you are finished, click on the Exit button.

To restart the computer, press any key. When it asks if you want to shutdown, press “y” and the computer will restart and eject the CD. Take out the CD and boot Windows

You should now have the user account password. Sure, reformatting would have fixed the problem, but it is just as simple to recover the user account password. Now you know how to recover that user account password for your friend or significant other in case they have data on their computer they cannot afford to lose. You might want to write down their password for them on a post-it note, so you don’t have to perform this task again!

Chrome's Hidden Password Feature is ****ed

Paul Lilly — Thu, 29 Jan 2009 10:00:04 -0600

Google's rap sheet when it comes to goofy exploits gives us pause to wonder if the company might be spending too much time concentrating on Cloud computing and not enough on security fundamentals. Back in July of last year, a SecurTeam blog exposed a Google Calendar flaw which made it possible to expose any Gmail user's real name with minimal effort. More recently, an exploit in Gmail allowing hackers to redirect your email was discovered. Now someone has stumbled onto an interesting vulnerability in Google's Chrome browser.

When you visit a site with an http password protected directory -- or try logging into your router, such as 192.168.1.1 for Linksys owners -- an Authentication Required pop-up appears asking for your for your login credentials. Your password should look something like ••••••••, but according to NeoBlog user tekmosis, if you let Chrome save your credentials to auto-fill the form, the next time you log in, copying and pasting the hidden password into a plain text application will reveal the actual ASCII characters.

We put tekmosis' discovered exploit to the test and as it turns out, you don't even need to have Chrome save anything. We tried logging into our router, typed our password, and it was immediately revealed when we copied/pasted it into Notepad.

While it might take a little work on the part of a hacker to take advantage of this vulnerability, it's one that should never have existed in the first place. You could make an argument that all exploits should never have existed, but this one just seems like a particularly glaring oversight.

Monster.com Warns Users against Fresh Security Breach

Pulkit Chandna — Tue, 27 Jan 2009 08:40:36 -0600

Leading jobs portal Monster.com has warned its users against a fresh instance of private information theft, which happens to be the second such case in the past 18 months. The security breach has not only tarnished its security record further but also dealt a heavy blow to the trust that users have posited in it.

It issued the warning on its website, in what appears to be a less-frequented section, and opted against directly contacting the users. The company began its statement by downplaying the security breach: “as is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database.”

It claims to have taken the necessary “corrective steps” immediately after discovering the security breach. It has asked users to reset their passwords on their own, though they will eventually be forced to make the change. The company says that the exposed data includes user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data. Resumes and sensitive data is said to be safe.

Monster.com has also advised users that they need to be more vigilant and watch out for specious emails claiming to be from the company.

Lame Password behind Twitter Hack

Pulkit Chandna — Wed, 07 Jan 2009 09:22:09 -0600

A hacker who uses the pseudonym GMZ accepted responsibility for the recent Twitter hack in an IM interview to Threat Level on Tuesday. He divulged little personal details except that he is an 18-year old student on the East Coast. It is also known that he is a member of the online forum for hackers called Digital Gangster; forum members had claimed that GMZ was responsible for the hack even before the hacker owned up.

He revealed that he successfully gained access to the account of a female Twitter staffer named “Crystal.” He had serendipitously stumbled upon her account and had no idea that she was a Twitter staff member with administrative control. He then proceeded to hack her account using a dictionary attack.

The program didn’t have to break a sweat as she was using the password “happiness.” Her flimsy password coupled with Twitter’s primeval security, which allows rapid-fire log-in attempts, led to several high profile Twitter accounts, including the ones belonging to President-elect Barack Obama and Fox News, being compromised.

Image Credit: Zdnet

Worm Targeted at Online Gamers Infects Laptop in Space

Pulkit Chandna — Tue, 02 Sep 2008 20:30:18 -0500

A computer worm primarily targeted at online gamers has found a very odd prey in form of the International Space Station. NASA confirmed last week that a computer worm had boarded the International Space Station and infected at least one laptop. Fortunately, though, none of the mission-critical systems were affected by the password-grabbing worm. NASA hasn’t revealed the name of the worm, but a website says that it is W32.Gammima.AG. Most of you might find the entire episode quite surprising and amusing, but the folks at NASA seem to be inured to computer worms aboard the ISS because this is not the first such instance.