Whenever you fill your credentials while login into your online account, due to security reasons it shows only asterisk characters instead of your original password.
In browsers there is a feature to save your passwords. It automatically fills up the login credentials whenever you opened up the login page. But in this case also you can’t see the password of your account. However you can see the password by visiting the options panel of your browser.
Now consider the scenario where you are using public computer where your browser can’t help you by reminding you the passwords. Many web services such as online banking or mail services come with security login feature (https), these services give you only few chance (3 to 5 times) to enter the correct password. If you fail to do so then it may be possible that your account get banned or locked.
If at first time you know what you password are entering inside the login field, you can easily avoid bad situations. The easiest way to know what is hidden behind asterisk character is using bookmarklet. I found a nice bookmarklet on Hacktrix blog. Here I am explaining one of it.
Drag the below given bookmarklet into your bookmark bar. Below given screenshot describes you how to drag it.
Now visit any webpage in which login is required. For example, let’s say Gmail.com. Enter your Gmail ID and password. Now click on the bookmarklet on the bookmark bar which you dragged in previous step.
A small dialog box appears displaying the password of your account. Here my password is toxicbird. Don’t try to login with this password in my account. Obviously it won’t work. 🙂
What do you think about services that unmasking passwords? Have you ever had a account blocked because of entering the wrong password 2-3 times inadvertently? Do let us know through your comments.