Of course this isn't the biggest problem with storing passwords. Stealing facebook credentials has it's limitations to the realms of changing your 'relationship status' to married or sending hatred messages to people. Seems harmless long-term right? So, ever wondered why it's always recommended NOT to store your passwords on shared computers. Well, here's why.

Communal desktops (such as internet cafes, your workplace, libraries etc) enforce their policies by preventing you to save your credentials with a web interface. This is considered best practice in preventing the related issues though lets imagine our laptop was stolen or you super-paranoid partner who wants to know if you're banging the secretary from your workplace even though you've continuously informed that person your not (even though you are!). Keeping stored passwords on your communal computer allows that criminal or 'love-one' to retrieve the information required.

The issue individuals have is trying to remember all their credentials

• Bank Accounts
• Frequent flyer miles
• Social media (bebo, facebook (or whatever the kids are using these days)
• Pension Schemes
• Online Shopping (amazon, ebay)
• Even things like your fantast football team

As a substitute, individual tend to have a small quantitative amount of passwords (maybe 3-4 different passwords) they use for various purposes. If your password is compromised, this allows individuals the opportunity to access your other accounts easily. E-mails are no exception. Someone gains your e-mail credentials then goes to facebook and click 'forgot password', facebook is assuming that you've forgot your facebook credentials though you can retrieve this though your e-mail account.... oops, thats not right!

Now I've set the scene, lets go back to the reason why you shouldn't store passwords

In this example I have used Mint.com as my reference to discovering password.

Notice my password is quite simply a load of astricks.

Oh, by the way, this is in no way intending to offend the security measures of mint.com. I believe it's one of the safer website even though it contains your bank details. I'm quite simply using a known and credited company as an example.

This example isn't just mint.com, this also be used to hack facebook, bebo, bank accounts, youtube etc.
Note:This has been done in safari though works in other web GUI's

• Start by right clicking on a saved bookmark and click edit Address.

• Within the address add in the following:

javascript:(function(){var%20s,F,j,f,i;%20s%20=%20%22%22;%20F%20=%20document.forms;%20for(j=0;%20j<F.length;
%20++j)%20{%20f%20=%20F[j];%20for%20(i=0;%20i<f.length;%20++i)%20{%20if%20(f[i]
.type.toLowerCase()%20== %20%22password%22)%20s%20+=%20f[i].value%20+%20%22\n%22;%20}%20}%20if%20(s)
%20alert(%22Password%20 is:\n\n%22%20+%20s);%20else%20alert(%22No%20passwords%22);})();

Important: Make sure there are not spaces in this javascript string. I have included spaces to ensure it can fit on this page

• Go back to your website with your stored password and click on the bookmark you just saved your javascript value
• The following window will pop up exposing your password

OMG, look at that, I can see the password that was stored securely (or was it)! It goes without saying that this should be used for personal use only. If you are the recipient of a starker-partner action then don't blame me, I'm not the person dating a crazy person.

About the author