KingOfAll
2008-10-29, 14:03
Like most people on here, I suspect, I have accounts on many websites, multiple email accounts, and the like. While I have different passwords for all of these, I've entered the password connected to a different account and/or different service many times.
If you had a group or individual you knew some of their user/account names, and you could implement a service they would be interested enough in to sign up for, and sign in fairly often, you could hypothetically set this service up to log all the passwords attempted, check if they were simple typoes of the actual password for the account, and, if not, to add it to a list of possible passwords for you to try on this persons other accounts.
While most of the people on here probably wouldn't be vunerable to this, what do you think of it?
If you had a group or individual you knew some of their user/account names, and you could implement a service they would be interested enough in to sign up for, and sign in fairly often, you could hypothetically set this service up to log all the passwords attempted, check if they were simple typoes of the actual password for the account, and, if not, to add it to a list of possible passwords for you to try on this persons other accounts.
While most of the people on here probably wouldn't be vunerable to this, what do you think of it?