Disclaimer: In the event that the information discussed here is used for nefarious purposes. I can NOT be held responsible for what other people do. The primary reason in posting this is to help others understand certain risks and to encourage practice of better security habits.
Everything discussed here may be no-brainer knowledge for a tech savvy person and if so this blog isn’t really meant for you. There’s quite a few naive users who have this false sense of security when it comes to their login information being very secure. Therefore I am going to demonstrate probably by far one of the easiest ways in trying to obtain someone elses password.
Anyone with 3 brain cells can do what I’m about to show and it can be done within the confines of your own home! Lets say for example, you and your significant other aren’t getting along and you sense a big breakup in the near future. Or perhaps a c0-worker of yours in the neighboring cubicle is still bitter about you being chosen for a promotion instead of them. If you’re in any sort of situation like that, then you’re definitely gonna want to pay attention.
There’s only 2 things you need:
- Firefox web brower
- Firebug – (add-on for Firefox)
For this blog I am going to use Yahoo’s login page as my example (with username edited out).
Rather than trying to remember passwords, I’ll bet you prefer storing them into your browser’s password manager huh? I’ll also bet some of you think your password being concealed by those billets, that there’s some sort of super strong encryption behind it huh? If that is what you were thinking then you couldn’t be any more wrong.
Move your mouse cursor directly over to the password box, right-click and hit “Inspect Element with Firebug” as pictured above.
Afterwards you will see a box appear with the login box highlighted in blue (in code form). Then if you look closely where I have, type=”password” in red, this is where you going to do a minor edit.
Now in Firebug you are gonna edit the word “password” that’s highlighted in red, then you’re going to change it to “text” and hit enter as pictured above.
Now if you look at the login box again you’ll see that your password is now showing! This of course is a temporary password that I have saved on my Yahoo account before making this blog. In other words, I’m not stupid to reveal an actual password of mine. LOL
So if you’re one of those lazy web surfers who uses the same password repeatedly for services such as eBay or Amazon. Or any other site where your personal information such as credit card numbers are stored. Then it’s not just 1 online account but every single account you’ve ever created that has the same password is also compromised.
This can turn into some nasty business, real quick. All because you failed use different passwords and failed click that X button at the top right hand screen of your web browser.