Wednesday, December 19, 2012

Reveal Passwords Behind Asterisk Easily

Reveal passwords behind asterisk
All new and old web browsers show us an option to save the password when logging to any site. For eg, Facebook.com or GMail.com. Sometimes, In case of home computers, people like me usually save passwords for quicker login, because they are too lazy to type the password again and again. 





Now if you have saved the password, whenever anyone opens the webpage, the input field is filled with yellow color to indicate that anyone can login the website by just hitting enter key or clicking on Sign In. See pic below.

Reveal Facebook password

This means that you are depending on asterisks '*' to secure your credentials. I would like to clarify you that these asterisks are not very safe. Anyone can extract passwords from them easily within a single minute. First of all I will explain you how the input fields work.

Webpages are designed with HTML or similar languages like php. The developers use the following code to create an input field.

<input type=“text” name=“email” > </input>

The above code will render a normal input field that you use to input the E-Mail Address while logging in. But the code used to create a password field is slightly different from normal one and looks like this:

<input type=“password” name =“password”></input>

This code will render a input form that hides the input text in form of asterisk “*” which you call stars in informal language. So your E-mail is saved in normal text field and the password in hidden one.

Now come to point where I was talking about. Recently some days back I posted about some days back. The trick used to change the Facebook webpage in order to posts animated pictures.

By using the same trick you can get the saved passwords hidden in forms of normal text . All you need are the following things:
1.     A website of which the password is saved.
2.     Google Chrome(Preferred) or Mozilla Firefox web browser

Now open the website in which the password is saved. After that Right-Click on the password field and select Inspect Element. Now in the bottom of the screen you will be shown the code for the current page. Now you need to find the following line.
Now Double-Click on [type="password"] and replace it with [type="text"] and press Enter. Now you will be shown the password in form of normal text. Done

Please Note: Some people who are jealous of me will not find this article enough helpful as they use a JS bookmarklet. Its good if you have code in your hand, but not in emergencies. The method I showed above is completely manual and always working. 

No comments:

Post a Comment