1. Hey Guest Did you know you can win an Honor 10 phone worth ₹33,000 and an additional ₹70,000 in paytm vouchers, just by replying to some threads and taking part in the discussions happening in the Honor Hub?

    What are you waiting for? Start commenting and start winning! Remember to read the instructions posted here.

    Dismiss Notice

Does Hackers know your password

Discussion in 'Internet & WWW' started by Zangetsu, May 29, 2018.

  1. Zangetsu

    Zangetsu El Directo!

    Joined:
    Jan 8, 2008
    Messages:
    9,924
    Likes Received:
    118
    Trophy Points:
    63
    Location:
    Soul Society
    This Chrome plug-in tells you if hackers 'know' your password

    PassProtect, the plug-in will inform you that how many times a password you are using has been exposed to data breach.

    Go to the login page of your favourite website and enter your password and hit enter. Now you will notice a window pop up warning you: "The password you just entered has been found in 26 data breaches. This password is not safe to use." So, once you dismiss the message, then it is up to you whether you want to change the password or not. But you will not see the same warning again for the same website in the same browser

    Source: This Chrome plug-in tells you if hackers 'know' your password | Gadgets Now
     
  2. billubakra

    billubakra Well-Known Member

    Joined:
    Dec 18, 2012
    Messages:
    2,555
    Likes Received:
    178
    Trophy Points:
    63
    So, we install the plugin>>Go to gmail>>Enter our username and password and then the plugin will tell us how many times the password has been breached? If that's the case, then don't you think the plugin itself might be compromised?
     
    Last edited: May 29, 2018
  3. Flash

    Flash Agent of Speed

    Joined:
    Jul 18, 2010
    Messages:
    5,010
    Likes Received:
    118
    Trophy Points:
    63
    Location:
    <Classified>
    As per that URL, it takes the typed password and cross-verify with haveibeenpwned.com to determine that particular password has involved in any other data breach or not. So So if am correct, lets say your password is "password123", and the plugin checks that password in some kind of centralized password master DB and tells you, "password123" is bad.
     
  4. billubakra

    billubakra Well-Known Member

    Joined:
    Dec 18, 2012
    Messages:
    2,555
    Likes Received:
    178
    Trophy Points:
    63
    I get that, but if that plugin is compromised then it knows our username- flash and password- batman.
     
  5. Flash

    Flash Agent of Speed

    Joined:
    Jul 18, 2010
    Messages:
    5,010
    Likes Received:
    118
    Trophy Points:
    63
    Location:
    <Classified>
    maybe the plugin will check the password hash, not the original password itself.
    Btw, my password is not batman, its ******.
     
    Vyom likes this.
  6. billubakra

    billubakra Well-Known Member

    Joined:
    Dec 18, 2012
    Messages:
    2,555
    Likes Received:
    178
    Trophy Points:
    63
    No guarantee about that.
    I more interested in your atm pin lol
     
  7. Vyom

    Vyom The Power of x480 Staff Member

    Joined:
    May 16, 2009
    Messages:
    5,955
    Likes Received:
    129
    Trophy Points:
    63
    Location:
    Sometime in Delhi
    I tried hacking you with ******. I couldn't.
    Liar. :|
     
  8. TigerKing

    TigerKing Active Member

    Joined:
    Dec 24, 2016
    Messages:
    471
    Likes Received:
    50
    Trophy Points:
    28
    Location:
    Mumbai
    And that website selling data to hackers..
     
  9. Vyom

    Vyom The Power of x480 Staff Member

    Joined:
    May 16, 2009
    Messages:
    5,955
    Likes Received:
    129
    Trophy Points:
    63
    Location:
    Sometime in Delhi
    Who in their right mind will try to "check" their password by using a plugin? No matter how much the plugin claims it's not shady, their is NO guarantee.

    It's simple, if you have created a strong password, and it's a combination of capital, number and special character and more than 8 characters long, you shouldn't need to worry about it's strength, and if you are in doubt that your password was leaked, just change it. Why you need to "CHECK" if your password is good?

    Such plugins are in line with next Cambridge Analytica issue, where user themselves leak their own information.
     
    billubakra likes this.
  10. whitestar_999

    whitestar_999 Super Moderator Staff Member

    Joined:
    Nov 7, 2011
    Messages:
    7,391
    Likes Received:
    588
    Trophy Points:
    113
    Location:
    NCR
    haveibeenpwned is a known website that has reported some of the largest account data breaches.You can directly go to site & simply enter an email to see if it has been exposed in any breach along with details like whether password associated with that email was breached too or not.

    As for strength of the password,nowadays it is more about stealing rather than cracking so besides using a strong password the system/network should be secure too else strength of password is irrelevant.
     
    billubakra and Vyom like this.
  11. Anorion

    Anorion Sith Lord Staff Member Admin

    Joined:
    Oct 10, 2008
    Messages:
    3,953
    Likes Received:
    70
    Trophy Points:
    48
    haveibeenpwned is a good resource
    you can check with your email id, no need to key in your password
    if you have been pwnd, the site will show you your password
     
  12. OP
    OP
    Zangetsu

    Zangetsu El Directo!

    Joined:
    Jan 8, 2008
    Messages:
    9,924
    Likes Received:
    118
    Trophy Points:
    63
    Location:
    Soul Society
    No body can be trusted in this world
     
    TigerKing likes this.
  13. TigerKing

    TigerKing Active Member

    Joined:
    Dec 24, 2016
    Messages:
    471
    Likes Received:
    50
    Trophy Points:
    28
    Location:
    Mumbai
    It says
    Pwned on 1 breached site and found no pastes

    There is no password shown..
     
    billubakra likes this.
  14. Flash

    Flash Agent of Speed

    Joined:
    Jul 18, 2010
    Messages:
    5,010
    Likes Received:
    118
    Trophy Points:
    63
    Location:
    <Classified>
    Check for your password here - Have I Been Pwned: Pwned Passwords
     
    billubakra likes this.
  15. TigerKing

    TigerKing Active Member

    Joined:
    Dec 24, 2016
    Messages:
    471
    Likes Received:
    50
    Trophy Points:
    28
    Location:
    Mumbai
    I already found that.
    I wasn't asking for that.

    if you have been pwnd, the site will show you your password

    As per @Anorion
     
  16. whitestar_999

    whitestar_999 Super Moderator Staff Member

    Joined:
    Nov 7, 2011
    Messages:
    7,391
    Likes Received:
    588
    Trophy Points:
    113
    Location:
    NCR
    ^^There are two types of account breaches: 1.in which both email & password are exposed & 2. in which only email is exposed but password is either not exposed or is exposed in an encrypted form.
     
    TigerKing likes this.

Share This Page