Windows Cookie Security / Password Encryption

Discussion in 'Software' started by N4N01D, 23 Jul 2004.

  1. N4N01D

    N4N01D What's a Dremel?

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    Hi, a program i use often for recoving customers passwords for them is revealer (this only works in windows 95/98) so for windows xp/2000 i use cain, on playing with this program i realised that when i let it search my computer it found all the different passwords and usernames for all the places that i log into on the net, i.e. bit-tech, and other boards which have the "remember me" box.

    What i want to know is there any way to increase the security / encryption used of the cookies so that passwords arent as easily viewed?

    N4N01D
     
  2. simon w

    simon w What's a Dremel?

    Joined:
    3 Nov 2003
    Posts:
    1,302
    Likes Received:
    0
    Cookies aren't secure. Any encryption is done by the web site (maybe there's some web browser that encrypts cookie?). If your really concerned about your bit-tech password, disable cookies or only allow session cookies
     
  3. N4N01D

    N4N01D What's a Dremel?

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
    i know cookies arent secure, but i was wondering was there a way to make them secure ? I dont wana hafta login for each session tho :(
     
  4. ST8

    ST8 What's a Dremel?

    Joined:
    14 Feb 2003
    Posts:
    596
    Likes Received:
    0
    tbh any decent website should not store your password as plain text in a cookie, they should be md5 hashed, or some sites just cookie your id client side rather than a pass.

    (md5 hashes are not decryptable as there are many solutions to the encryption, if my thinking is right)

    or does this prog somehow decrypt md5 hashes?? :eek:
     
  5. N4N01D

    N4N01D What's a Dremel?

    Joined:
    29 Apr 2004
    Posts:
    467
    Likes Received:
    0
Tags:

Share This Page