Check How Secure Your Password is with Microsoft Tool

Passwords are an important part of our online life. They are the keys to our online homes and it is important to make sure we do not misplace them or allow them to fall into the hands of untrustworthy people.

I have different passwords for different services and often use LastPass to manage my passwords across different websites.

All these tools to save passwords can be handy only if your password is actually a good one and cannot be easily guessed. Microsoft has a nice online tool which shows if the password you are choosing is strong or weak.

Microsoft’s Password Checker

  • Just visit this link, and type in the password you want to test out.
  • It will indicate if the password you are using is weak or strong.

ms_password_checker

A good password is usually an alpha-numerical combination along with a mix of special characters. Ideally this will help create a password that cannot be easily broken or guessed.

Here is another online tool to check the strength of your passwords across different parameters.

Try out Microsoft’s Password Checker and drop in your comments. Share with us any more password tips you find useful.

Link: Microsoft’s Password Checker

Related: Passwords are like Underwear! [Tip]

LastPass Premium Accounts Free for Students with .edu Accounts!

LastPass, the ultimate cloud based password manager is giving away premium accounts to students for six months. If you’re a student, having a .edu email address, you can take advantage of this offer.

Lastpass-student-promo

Many of the universities these days have a .edu domain (although, Indian universities rarely have that domain), stanford.edu for example. So, if your university has a .edu domain, they will certainly provide you a email address too, and that’s the proof that you’re a student.

To get LastPass Premium for free, head on to their offer page, fill your .edu Email address, verify it and you’re done! Sadly, I don’t have a .edu email address, so I didn’t give it a try.

If you’re curious to know what all extra features you get by using LastPass Premium, here’s the list.

  • Download LastPass for all platforms – iOS, Blackberry, Android, Windows Phone, WebOS, Symbian and even Dolphin browser.
  • Ad-free LastPass experience.
  • Use LastPass without installing any plugin
  • Add an extra layer of security to your LastPass vault using LastPass Sesame for USB thumb drive.
  • Use Yubikey for multi factor authentication to secure your LastPass vault.

Link: LastPass Loves Students

Related: Complete Review of LastPass

Your Facebook Password is Not Completely Case Sensitive!

Facebook-passwordFacebook passwords are not ‘completely’ case sensitive. You actually have 3 passwords for your Facebook account, including the normal password with which you login.

So what are those other two passwords, apart from the one you know?

  1. Your actual Facebook password with case reversed.
  2. Your actual Facebook password with first letter capitalized, this is only available for mobile devices, though.

For example, if your password is “fAcEbOoK’, then “FaCeBoOk” (case reversed) serves as an alternative password.

This also means that if your password is completely in lower case, then you can login to your Facebook account even with Caps Lock on.

If you’re logging into Facebook from a mobile, then if the first letter gets capitalized by mistake, still you can login with no problem.

This is not a bug in Facebook, they intentionally designed in this way. This is not even a security loophole as it’s the same password, what has changed is just the capitalization, so it will take the same number of brute force attacks to crack it.

Source: ZDNet

Check How Strong Your Password is Across Various Parameters [Password Meter]

Almost two years, Rahul Bansal wrote a post about how passwords are like underwear! The key message in it being that passwords should not be shared, should not be left lying around and you should change them often.

The comparison is surely funny but it can be quite serious if someone else does get hold of your password. Many people who have had their accounted hacked, the reason has been because someone has guessed their password, instead of someone actually breaking in with fancy software.

Most online security experts agree, that passwords should be long, have alpha-numeric characters along with special symbols if possible. But how can you truly build a password that is completely secure.

Password Meter is a nice online tool that shows how strong your password is across various parameters.

Password_Meter_scrn

  • Just type in the password you want to be tested in Password Meter.
  • Then check for all the suggestions for complexities.
  • The meter shows if you are using symbols, middle numbers, Lowercase and Uppercase letters along with length of password.
  • Change your password with some additions to make it 100% strong.

This tool can be used to make your easy to remember password into a lot more complex. Most people might have a password which is their favorite book or their pet dog. This can be easily guessed but when you mix it with upper and lower case adding a symbol and add an easy to remember number to it, the combination is pretty much impossible to guess and the password would be long enough to be considered very secure.

Do use Password Meter to check the strength of your passwords and drop in your comments.

Link: Password Meter

50 Worst Passwords You Should Avoid!

Internet has made things interesting, but weird too. Now you can access your Bank account, generate statements and even transfer money at the click of mouse, and the weird part is that anyone can steal your money by just getting to know “few letters or numbers”. Internet today is just not a medium of passing time but the World economy depends on this big network. I guess even you would not like anyone to take control of your accounts, Email and any other Internet-based accounts at any point of time as Internet today is just not fun for you too.

A video from Mozilla

An Internet security company Sophos in its latest report on Internet Security has mentioned a list of weak (worst) passwords which you should avoid using anywhere.

Common Life Words
  • master
  • whatever
  • Baseball
  • superman
  • iloveyou
  • pokemon
  • michelle
  • killer
  • monkey
  • consumer
  • pepper
  • welcome
  • batman
  • dragon
  • Sunshine
  • princess
  • starwars
  • nintendo
  • football
  • Shadow
  • cheese
  • soccer
  • michael
  • jennifer
  • jordan
  • gawker
Common Tech Words
  • gizmodo
  • internet
  • kotaku
  • qwerty
  • Lifehack
  • Computer
Common Phrases
  • f— you
  • Letmein
  • trustno1
  • blahblah
  • abc123
Number’s only
  • 123456
  • 12345678
  • 111111
  • 12345
  • 1234567
  • 123123
  • 1234
  • 654321
  • 666666
Don’t use Password
  • Password
  • passw0rd
  • password

My Suggestion

  • idontknow

DW sophos2

Image Credits

Do leave your comments on what kind of password combinations you would like to suggest. Even let us all know what you do personally to keep your accounts safe! You can even see How Passwords are like Underwear.

Link: Read the Report

Passplex: Generate strong passwords randomly

If you think you are not good at creating passwords and you still need a password which should be strong enough to be hacked, then Passplex can come to your rescue. Using Passplex is extremely easy and fast as well. In fact, you don’t even need to enter anything to get started.

DW passplex1

There are three options a user can select:

  • Length: This is the length of the password you want to generate. You can keep it between 8 and 16 characters only. Few people do want to keep their passwords less than 8 characters however it is not considered much safe.
  • Complexity: Complexity levels between 1 and 5 are available while the default is 3. This decides how complex the passwords needs to be.
  • The user can select whether to include only Numbers or Symbols, or both. This choice can widely change the strength index of the password.

You can even see the strength meter to select the best suitable password for yourself. Officially they have served 36864 till date. Do let me know if you think this can be of help in password selection. Keep in touch, keep Passplexing.. :)

LINK: Passplex

1Password – A Must Have iPad App

In today’s world where we have multiple accounts having different username/password combinations, it becomes quite difficult to store all such combinations. Also there are several vulnerabilities if somebody accesses your password. 1Password can be one stop solution for all your password storing needs. The app manages and organizes all your passwords and other private information like credit card numbers in encrypted form. All the information is available at your fingertips.

1Password App

1Password also facilitates multiple logins to various social networking site like Facebook etc. Fill the login forms of several sites using single tap. 1Password works well in sync with different Apple products, although it can work independently also. The app also provides backup facility.

1Password

Store any information that you want in 1Password’s preconfigured and predefined templates. Store all your credit card information in the Wallet, different username/password combinations in logins and Store the details of your girlfriends  in Identity. Priced at $14.99, 1Password is a safe bet for those who want complete peace of mind.

Link : 1Password

Find all WiFi passwords/keys saved on your computer

Since I got a laptop almost 11 months ago, I have been able to do my internet surfing at various places. The office, place where I stay, a cousin’s apartment and even back at my parents place. The great thing about saved WiFi passwords it that I can just open my laptop and it gets connected to the correct network with the correct password.

Now with so many WiFi passwords around, there is a fair chance you have forgotten some of them. This happened to me a couple of days ago. A cousin came over at my place and asked me for the WiFi password so he also could go online. I had forgotten the password. I was at work at the time and did not want him to get into the admin page of my router.

Thankfully Wireless Key View came to the rescue! :-)

Just download WirelessKeyView from Nirsoft and run the software. You will see all the various Wifi connections you have connected to with your laptop.

This will also show you all the WEP or WPA keys stored on your computer. Can be useful to write them all down somewhere if you are the forgetful type. :-)

Do drop in your comments and views.

Link: WirelessKeyView

Google images search gets swanky!

Google Search is fast becoming a favorite place for internet users to look up images online. Often we bloggers use Google image search for looking up cool images. For some reason as all things Google, its image search layout of images is quite basic and functional. Seriously Google should have a cooler way of showing images.

Well Google has now introduced a new way to look at Google images. I must admit it is quite attractive. It is now only available on Google.com and not with Google.co.in.

New Features of Google Image Search

  • Browsing can be done quickly with the keyboard to scroll up and down faster and as the images are a larger its easier to zone into what you might be really looking for.
  • Also a great feature is when you hover the mouse over an image it gets highlighted and slightly zoomed version of it shows up.
  • The great part is the you can keep scrolling downwards and it shows up to a 1000 images on the single page showing image results.
  • The landing page is also new. The image is highlighted with the webpage behind it giving a good idea of the webpage you are visiting.

This is quite a nifty feature and one of the best way to look up images online and is quite inline with YouTube’s leanback feature. It also is coolest way to look up images after the Cooliris extension with Chrome.

Do you use Google Image search? Do let us know about your views on this new feature through your comments.

How To View Passwords Hidden Behind Asterisk Character

Whenever you fill your credentials while login into your online account, due to security reasons it shows only asterisk characters instead of your original password.

In browsers there is a feature to save your passwords. It automatically fills up the login credentials whenever you opened up the login page. But in this case also you can’t see the password of your account. However you can see the password by visiting the options panel of your browser.

Read: Top 5 free softwares to Reveal your Asterisk Hidden Password

Now consider the scenario where you are using public computer where your browser can’t help you by reminding you the passwords. Many web services such as online banking or mail services come with security login feature (https), these services give you only few chance (3 to 5 times) to enter the correct password. If you fail to do so then it may be possible that your account get banned or locked.

If at first time you know what you password are entering inside the login field, you can easily avoid bad situations. The easiest way to know what is hidden behind asterisk character is using bookmarklet. I found a nice bookmarklet on Hacktrix blog. Here I am explaining one of it.

Drag the below given bookmarklet into your bookmark bar. Below given screenshot describes you how to drag it.

View Passwords

Now visit any webpage in which login is required. For example, let’s say Gmail.com. Enter your Gmail ID and password. Now click on the bookmarklet on the bookmark bar which you dragged in previous step.

A small dialog box appears displaying the password of your account. Here my password is toxicbird. Don’t try to login with this password in my account. Obviously it won’t work. :)

That’s how you can easily check the password behind asterisk characters. However this method is limited to web pages only. If you want to check the asterisk characters of tools such as Filezilla, FireFTP etc then check out our previous article Top 5 Free Softwares to Reveal your Asterisk hidden password. If you are a JavaScript geek and love Firefox you might like reading up on How to use Java Script for unmasking passwords on Firefox.

What do you think about services that unmasking passwords? Have you ever had a account blocked because of entering the wrong password 2-3 times inadvertently? Do let us know through your comments.