In this article we will continue the series of presentations regarding different techniques used to capture and record e-mail and IM account passwords.

We want to make it very clear, one more time, that our purpose for providing this information is NOT to encourage you to use this information to steal passwords, but rather to inform you of the risks associated with such actions and methodologies. Whatever you choose to do with these information is up to you, and we will not be responsible for any activities you perform.

In this article we will present another two techniques:
- Locally Stored Passwords
- Trojan  
 
Locally Stored Passwords

Many browsers, including Internet Explorer, the AOL client, and Windows Dial-Up Connections allow you the option to store passwords. These passwords are stored on the local machine and (depending upon where and how it is stored) there is always a method of recovering these passwords. Storing password locally is not secure and may allow the password to be recovered by anyone who has access to the local machine. While we are not currently aware of any program to recover locally stored AOL passwords, we do not recommend that these are secure. Such software exists and can recover most of the types of locally stored passwords.

Trojan

A Trojan is usually a program that is sent to a user that allows an attacker to control functions of the target computer, get information from the target or to delete or damage files on the target. The name Trojan is given because the program will usually come attached or associated to other program or file that requires you to run it. There are many such Trojans which can be programmed to capture passwords and to email or transmit them to a third party. To protect yourself against Trojans, you should never run or download software or files that are not from a trusted or secure source.

It is very important that anyone surfing the internet to use a virus protection or Spyware detection program (which should catch most Trojans). Please note that a Trojan requires the password to be typed or stored in order to be recovered, thus is not an effective way to recover your own password. Anyway it could explain how someone could lose their password to a hacker attack. Sending someone a Trojan program is definitely illegal and we do not recommend this activity. A Trojan is not very effective in recovering a particular account password as it requires the target to install it first.

Most of the time hackers will send bulk mail Trojans to thousands of people in the hope that a small percentage will fall for it. Legitimate account holders who may have been caught by a Trojan should contact their service provider a.s.a.p. to request their account passwords to be reset.

Both Trojans and Programs design to recover locally stored passwords require some degree of technical information in order to be effective. Also sending Trojans and installing software on someone else computer to capture passwords which are stored locally is very illegal. This is why we are recommending the use of KeyLogger software on your own computer in order to record any activity – including passwords. This technique is not very effective when you want to find a password form a remote computer but taking into account that in most cases we want to discover passwords from persons close to us it could be very useful to always have KeyLogger software installed on our computer – you never know when it comes in handy.  In this respect we can recommend you one of our solution: All-Spy KeyLogger or to visit an independent source such as: www.keylogger.org

You Should Also Check Out This Post:

More Active Posts: