Jump to content
CCleaner Community Forums

Online Password checkers


Recommended Posts

Paranoid or not, it's silly to enter your real passwords into such "checkers" whether TLS or not.

You can change a letter or two from the real password. I did so. I don't think that makes any difference. For example, if your real PW is pass1234, you can type pess1235. You get the basic idea, what ever your PW is strong or weak.

 

Also, this is what they say on the Microsoft checker:

 

Password Checker does not collect, store, or transmit information beyond the computer that you use to access Password Checker. The image works on your computer desktop until you navigate away from the page.

 

The security of the passwords entered into Password Checker is similar to the security of the password you enter when you log into Windows. The password is checked and validated on your computer, but is not sent over the Internet.

Link to post
Share on other sites
  • Moderators

Looks like I need to change my forum login password as MS deems it to be weak, but I think I already knew that. At least my email password is medium, but I suppose it needs some thoughtful improvement too.

Link to post
Share on other sites

It's good to change (some of) your passwords sometimes, even though you are sure, that your password is not in the wrong hands. I change my online banking password maybe 2 times a year. Or atleast once a year. When and if you change, make sure that it's no weaker than previous one.

Link to post
Share on other sites
You can change a letter or two from the real password. I did so. I don't think that makes any difference. For example, if your real PW is pass1234, you can type pess1235. You get the basic idea, what ever your PW is strong or weak.

 

Also, this is what they say on the Microsoft checker:

 

Password Checker does not collect, store, or transmit information beyond the computer that you use to access Password Checker. The image works on your computer desktop until you navigate away from the page.

 

The security of the passwords entered into Password Checker is similar to the security of the password you enter when you log into Windows. The password is checked and validated on your computer, but is not sent over the Internet.

 

Sounds like BS to me. If the password is checked and validated on your computer, why the need for TLS? Also even if everything is local (e.g javascript) , you can imagine scenarios with XSS attacks etc.

 

Granted all this is very unlikely, but that's not my point away.

 

The reason why i said i did "paranoid or not....", has nothing to do with whether it can be exploited or not. Rather I was trying to imply that doing so doesn't give you any meaningful information really.

 

You already know how strong or weak (roughly) your password is, or really you are wasting your time here...

Link to post
Share on other sites
Really? All it shows on mine is my router login password :huh:

Naturally if I delete all FF's cookies my forum login details don't show.

 

Protected storage is running but my OE usernames/passwords still show but my router login doesn't. :blink:

Link to post
Share on other sites
Naturally if I delete all FF's cookies my forum login details don't show.

 

Protected storage is running but my OE usernames/passwords still show but my router login doesn't. :blink:

Nope, doesn't show anything from my Firefox cookies. I have the protected storage service disabled though, maybe that is the reason.

Link to post
Share on other sites
  • 2 weeks later...

I use the same password for an almost innumerable number of websites, and don't really care that its strength is seriously lacking.

 

I was victim six months or so of a 100$ fraud on Paypal, but I was quickly reimbursed after I contacted the technical support authorities of the latter corporation. I only changed it thereafter because I was prompted to do so by the login system.

 

By the way, any reason why my signature was hijacked by Piriform ?

Link to post
Share on other sites
  • 3 weeks later...
  • 3 weeks later...
I use the same password for an almost innumerable number of websites, and don't really care that its strength is seriously lacking.

 

I was victim six months or so of a 100$ fraud on Paypal, but I was quickly reimbursed after I contacted the technical support authorities of the latter corporation. I only changed it thereafter because I was prompted to do so by the login system.

 

By the way, any reason why my signature was hijacked by Piriform ?

did it look like thispost-16440-1202692113_thumb.jpg

:(:(:rolleyes::rolleyes:

post-16440-1202692113_thumb.jpg

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...