In this post, we talk about three of the best options in terms of password managers with local function.

KeePassXC

This excellent password manager is a fork of the extinct KeePassX. It works for Windows, Mac, and Linux. It also has a browser extension. Of course, there are no official clients for mobile devices. However, Keepass2Android and KeePassDX for Android and KeePassium and Strongbox for iOS are apps that work with the technology of this same manager.

One of its best features is its offline password management for all its platforms. You can store as many passwords as you want locally. So that only you have access to them on your computer. It also has two-factor authentication. It includes client encryption and the possibility of sorting by categories. Furthermore, it also supports AES, Twofish, and ChaCha20 encryption.

Along with all this, another remarkable aspect is that KeePassXC is totally free.e. Although, if you like it, you can also donate to its creators.

Password Safe

A simple and secure open-source password manager created by security expert Bruce Schneier. It is also compatible for Windows, Mac, and Linux. In addition, its database uses Twofish encryption with 256-bit key.

Its client is extremely simple, and you can sort all your passwords by category. In addition, it is free and works entirely locally. Therefore, your passwords will not be stored on any third-party server.

Password Safe has independent clients for mobiles that use its technology. On Android there is PasswdSafe, while on iOS we have pwSafe and pwSafe 2, the latter being paid.

Pass

Another open-source alternative is Pass. With it, you can store all your passwords locally. It also generates random keys for the websites you register on. It is a reference among the password managers developed for Unix. Its creator is Jason Donenfeld, developer of the Linux kernel and also creator of the VPN Wireguard.

This password manager encrypts entries in GPG keys. Each password is stored locally individually with its own GPG-encrypted files. It was certainly created for Unix. However, it also has standalone clients for Windows, browsers and mobiles. For those who do not want to use GPG encryption, there is also passage. This is a fork that makes use of age encryption.

Combines password managers with other security methods

The methods mentioned above are all open source and offline functions. Consequently, they are a great way to keep your passwords secure. However, we should never let our guard down when it comes to maintaining our online security. Therefore, it is always advisable to add more layers of security through other effective methods.

Having a password manager is an efficient way to access your websites and services. This by means of randomly generated passwords. In addition, with a powerful encryption method. However, to fortify your security, it is also smart to always use other methods. For example, two-factor authentication on as many services as possible. Surfing smartly and making use of tools such as VPNs also helps. Very well, in this way we have seen some local password managers. Bye!

The post Secure Your Passwords: 3 Local Password Managers to Keep Your Data Offline appeared first on Linux Windows and android Tutorials.

Hacked passwords increase

Look, the numbers don’t lie. A report examined trends related to breached data. In addition, in this report, researchers identified 1.7 billion compromised passwords. We’re talking about a 15% increase over 2020, and 13.8 billion personally identifiable information records recovered. These numbers come from breaches occurring in the year 2021.

Reused passwords have been the main vector for attacks recently. As we warned earlier, this is a recurrent practice. In addition, we have to add the growing threat of digital identity exposure. Similarly, he comments that his annual report shows that users still do not take password security as seriously as they should.

On the other hand, the threat of account appropriation is a factual matter. However, this threat is apparently not implementing general improvements in user cybersecurity hygiene. This careless behavior for individuals is truly alarming. Especially given the frequency of digital identity fraud.

The government sector was strongly represented in 2021, relating to passwords breached. In that aspect, 611 breaches were discovered containing .gov email addresses. On the other hand, they also found 561,753 credential pairs of email addresses and passwords of government agencies at the international level.

Below is a list of the most common data obtained by attackers:

• Names,
• Dates of birth,
• National identification numbers or driver’s
• Driver’s licenses,
• Makes and models of vehicles,
• Number of children,
• Smoking status,
• Marital status,
• Estimated income
• Position.

Reuse of passwords

This is a constant error. Incredibly, users keep tripping over the same stone over and over again. Today, the average user has dozens of online accounts with a single login. In addition, they often reuse passwords. The report found that 64% of users with multiple compromised passwords reused passwords for multiple accounts. This represents a 4-point increase from the same point in 2021. A worrying statistic is the year-over-year increase in password reuse. This reflects the ease with which cybercriminals can use compromised passwords to compromise multiple accounts. In this regard, it has been observed that:

• 82% of the reused passwords analyzed consisted of an exact match to a previous password.
• 70% of users linked to breaches were still using an exposed password.

How users create their own passwords

Undoubtedly, the reuse of passwords for several accounts has an impact on their vulnerability. However, there is also another important factor that makes our passwords more likely to be violated. In fact, the report also identified a strong link with current events when choosing our passwords. On the other hand, there were common elements used in general to generate passwords. Thus, some of these factors are: TV shows, movies, and series of 2021, also music, as well as pop culture and sports.

On the other hand, many users and businesses think they are protected against identity fraud by relying on a dark web monitoring service. Unfortunately, one thing they don’t know is that it can take more than a year before breached passwords reach the dark web for those services to find them.

Recommendations for protection

To adequately protect our accounts, we must comply with two essential aspects:

• Have a good password to access the service.
• Always enable the service’s two-step authentication.

For the former, we must create an alphanumeric password with a length of 12 characters or more. Additionally, it must mix numbers, uppercase, lowercase, and symbols. This way we avoid that our password is in a password dictionary and that it is easily vulnerable. On the other hand, you may not want to generate the password directly. In such a case, you can use any of the dedicated tools. In this case, we recommend Password Generator.

Another aspect to consider is to always use password managers. These tools allow us to store all users and passwords securely. Additionally, they encrypt the contained data, and access them through a master key that is the only one you must remember.

Let’s talk a bit about two-step authentication. In fact, nowadays most online services, prestigious websites, etc., have systems to configure the second authentication factor. On the other hand, if you are going to set up two-factor authentication, you must do it with an authenticator application. It is also advisable to use a USB device for authentication. On the other hand, it is not recommended to use SMS as a second authentication factor. Indeed, they could do a SIM Swapping and clone our SIM to steal this key sent to us.

Conclusion

On the other hand, staying safe is fairly easy with the right tools. We therefore recommend using a key manager such as KeePass or Bitwarden. It is also advisable to activate two-step authentication in your services, but without using SMS as a second authentication factor.

We also recommend the use of password managers. Certainly, there are many on the market. However, LastPass is my personal choice. It is indeed a very complete, functional and didactic service. Moreover, its free version is more than enough for a home user.

Very well, in this way we have seen that most hacked passwords are still in use. We also learned what measures to take to avoid this risky situation. Bye!

The post Most hacked passwords are still in use. See how to fix it. appeared first on Linux Windows and android Tutorials.

The Best Password Managers to Choose. Including free and paid.

We assume you are new to password managers. Therefore, you must be looking for that all-in-one tool. That is, that solution for all your password needs. Below, we have chosen the best password managers on the market. Security, usability, price, and functionality are considered. We also show good and at the same time free possibilities.

Bitwarden

Bitwarden is a solution that encodes all your information. Moreover, we are talking about an open-source software. Consequently, its infrastructure can be improved by developers from all over the world. Starting with a free offer, Bitwarden provides all the basics to secure passwords safely. For the subscription fee, it warns about the weakness of the passwords. It also includes additional security data for your accounts. The premium plan is available for the payment of $10 for a one-year subscription. This way you can enjoy premium features such as two-factor authentication, security reports and many more.

NordPass

Developed by the same people responsible for NordVPN, the well-known VPN option. NordPass is a newcomer to the neighborhood. To attract users, it offers them access to their passwords regardless of whether they are offline. Even regardless of the device they are using. It is a simple password manager that lacks many of the features of its competitors.

If you are looking for a simple password manager, without major pretensions, then NordPass is for you. Nevertheless, it includes unique features. For example, biometric protection through fingerprint scanning or its Face ID function. The free version should be more than enough for home users. However, for the $23.88 annual fee, you will enjoy premium features: password health check, synchronization between multiple devices and much more.

KeePass

KeePass is an offer concentrated on the basics. Indeed, it lacks an elegant user interface. However, the open-source code allows you to store all your passwords in a database that you can access with your key. Moreover, KeePass has NASA as one of its users. Sound familiar? Besides, they regularly release new versions. This option is preferred by people who just want to keep their passwords in a secure place.

With KeePass, we will forget about other functions that could distract you from the main function. It’s all about keeping your passwords safe and secure. Finally, this is a free and open-source tool.

RoboForm

RoboForm is an uncomplicated option for these tasks. Despite this, the password manager offers a wide range of functionalities. These include a master password generator, auto-completion of password forms, multi-platform support and many more.

The tool also allows you to securely send logins. This is a point in its favor, as it is usually a feature reserved for the paid plans of competing managers. NordPass is a newcomer to the neighborhood. To attract users, it offers them access to their passwords regardless of whether they are offline. The premium version is available for a fee of $16.70 per person per year. This way we will enjoy two-factor authentication, secure shared folder, priority support over other features.

Sticky Password

Sticky Password boasts an encrypted vault. Just log in to access all your passwords with a few clicks in seconds. Among its advantages, it has a very elaborate basic interface. In addition, the tool offers the possibility to share multiple devices. Consequently, passwords are always available. That is, no matter whether we are online or offline. The platform has cloud-free Wi-Fi synchronization and biometric authentication, which makes it secure.

Sticky Password also offers an intelligent security control panel. From there, we can notice which passwords are not complex enough. This password manager is free. However, it also offers a premium plan with two payment options. A perpetual mode with a one-time payment of $99.99. Additionally, it offers an annual subscription for the payment of $29.99. This unlocks unlimited password sharing, synchronization and backup.

LastPass

LastPass is one of the pioneers of password managers in the market. It is also considered a pioneer in the industry along with 1Password. LastPass works through the creation of a master password by the user. With this password, you log in to start saving passwords. It also functions as a vault to store passwords, secure notes and even addresses.

LastPass has extensions for almost all browsers. However, to log in, users can configure multifactor authentication as an additional security feature. In addition, it offers AES-256 bit encryption that only occurs on your device. Perhaps one point against it is that its interface is not very user-friendly. However, it offers many security tools. Besides, with time, you get used to it. On the other hand, the free version allows you to store passwords but not to share them. For the $3 monthly fee you can unlock premium features: password sharing, a security dashboard, dark web monitoring, and much more.

Dashlane

Dashlane offers features that go beyond a password manager. With this in mind, it scans the user’s entire digital footprint. In this way, it aims to increase the security of passwords. In addition, it stores your password information while you browse. Additionally, it incorporates a password autocomplete feature, which allows you to enter your password when you log in to an account for the first time.

Dashlane also offers a password generator. Through it, it will create a unique password for each account and store it in your password manager. These passwords are a random combination of characters, symbols, and numbers. The aim is to make unauthorized access by third parties difficult. It also has a very interesting dark web analysis tool. In effect, it scans the network and warns you if something is wrong with your passwords. Dashlane offers a free plan and a premium plan for $3.99 per month.

Alright, we’ve seen this compendium of the best password managers for 2022. All you have to do is choose the option that best suits your needs. See you soon!

The post The best password managers for 2022 appeared first on Linux Windows and android Tutorials.

More about this password manager for Linux

Bitwarden is a powerful open-source password manager that provides a solution to the password problem. In addition, Bitwarden incorporates a password generator that will help create random passwords and store them in a database.

In addition, Bitwarden has clients for Android, iOS and on the desktop, for Windows, Linux and macOS. All of them are synchronized. That is, Bitwarden can manage all your passwords and you can access them from anywhere.

Likewise, Bitwarden can be integrated into the most popular web browsers to offer even more synchronization.

Some of the main features of the application are the following:

• It has a strong encryption system. Specifically, we are talking about AES-256 bit. That is, it is a pretty secure prototype.
• Bitwarden is completely open-source. This means that anyone can audit the code and find security problems.
• It allows auto-completion of logins in the browser if you use the extensions for that.
• You can organize your vault with folders. This way you will have full control over them.

How to install Bitwarden on Linux?

The Bitwarden desktop client is built with Electron and Angle. This means that it can be easily installed on any Linux distribution that has compliant dependencies. However, the developers provide us with different download options.

For starters, they have a DEB package that should work on Debian, Ubuntu, Linux Mint and derivatives. This package can be installed using the following command:

:~$ sudo dpkg -i [file_path]

On the other hand, we also have an RPM package for Fedora, OpenSUSE and CentOS 8. You can install RPM package using this command:

:~$ sudo rpm -ivh [file_path]

Otherwise, we can use universal packages like SNAP or AppImage.

So the installation is not a problem.

Conclusion

Bitwarden is a powerful password manager that we can use on our Linux. So we invite you to try it and tell us your experience with it.

The post Bitwarden a password manager for Linux appeared first on Linux Windows and android Tutorials.

Please keep in mind that when working with servers, security is a fundamental aspect. For this reason, there are several reasons for modifying the duration of passwords. For this reason, there are several reasons for modifying the duration of passwords. According to the type of use, it is convenient to establish passwords with security time. For example, to temporary users, test users or those who are practicing in the company.

Now, we have two options for modifying password expiration policies on Windows Server 2019. Group Policy: Apply for when the computer is included in a corporate domain with Windows Server Domain Controller. Local Security Policy: Applies when our group is not in a domain, but is in a workgroup or is managed locally. Here’s how to change a password or change the expiration date of a password within Windows Server 2019 step by step.

Changing password expiration through Local Security Policy on Windows Server 2019

Below we will detail the process for entering the password policy configuration.

Step 1. Open Local Group Policy Editor

First, we need to enter Group Policy Management by clicking Windows+R and typing gpedit.msc

Once there, we must follow the next route: Local Computer Policy>Computer Configuration>Windows Settings>Security Settings>Password Policy

Step 2. Editing password policies

The editor allows you to configure different aspects of the password:

Enforce password history. This security setting determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. The value must be between 0 and 24 passwords.

Maximum password age. This security setting determines the period of time (in days) that a password can be used before the system requires the user to change it. You can set passwords to expire after a number of days between 1 and 999, or you can specify that passwords never expire by setting the number of days to 0.

Minimum password age. This security setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0.

Minimum password length. This security setting determines the least number of characters that a password for a user account may contain. It can set a value of between 1 and 20 characters, or you can establish that no password is required by setting the number of characters to 0.

Password must meet complexity requirements. This security setting determines whether passwords must meet complexity requirements.

Password Requirements

If it enabled, the password must meet the following minimum requirements:

Not contain the user’s account name or parts of the user’s full name that exceed two consecutive characters
Be at least six characters in length
Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)

Store passwords using reversible encryption. This security setting determines whether the operating system stores passwords using reversible encryption. This policy provides support for applications that use protocols that require knowledge of the user’s password for authentication purposes.

Changing password expiration through Local Active Directory on Windows Server 2019

To access the domain password policy editor, we need to open the Server Manager. Next, click on the Active Directory Administrative Center tool.

In the next window, select the forest and then follow the following path: Domains>nameofdomain>Default Domain Policy. Where nameofdomain is the name of our domain, in my case telematic.local. Next, double click on Default Domain Policy to edit the values.

Once the window opens, follow this path: Default Domain Policy>Compuer Configuration>Policies>Windows Settings>Security Settings>Password policy

As we see we have the same options as in the local directives, the only difference is that if we open the local policies with our computer in a domain we cannot make any change in the directives. On the other hand, from a computer in a domain using this option if we will be able to make adjustments in the policies.

Changing or unlocking administrator password on Windows Server 2019

Sometimes it happens that we want to change the administrator password, or the account has been blocked. Sometimes it happens that we want to change the administrator password, or the account has been blocked. To do this, we must enter the Server Manager and select Active Directory Administrative Center.

Once there, all you have to do is select Reset Password, and enter the new password or unblock the account if it is locked.

As has been noted, the process for changing password policies is not that complicated. However, we must be careful when modifying these values, as it will affect the entry of users. In conclusion, Windows Server 2019 is a very friendly system and has wizards that facilitate the changes desired by the server administrator.

Well, this is all for now, before saying goodbye I would like to invite you to review our tutorial on installing Apache on Windows Server 2019.

The post How to change the password policies for local and domain passwords on Windows Server 2019 appeared first on Linux Windows and android Tutorials.

You’ve probably heard about encrypting files on Linux. First of all, it is good to say that this is a great way to protect your files as you can create a key file and a password to access them, that is, double security.

To do the above, there are several applications, but one of it of Tomb. Tomb is a 100% free and open source system for file encryption on GNU/Linux, facilitating the backup of secret files.

Tomb generates encrypted storage folders to be opened and closed using their associated key files, which are also protected with a password chosen by the user. So, if you want to protect your files and folders on Linux, then Tomb is a great option.

Let’s install it.

Install Tomb on Linux

Tomb, for now, is only available for Linux. So, if you use Arch Linux, your installation is reduced to running a single command. If you use Debian, Ubuntu, and derivatives you have to add a repository.

For Arch Linux

:~$ yay -S tomb gtomb

For Debian 9, Ubuntu 18.04 and Ubuntu derivates it is necessary to add the SparkyLinux repository. First, open a terminal and create a repo.list file.

:~$ sudo nano /etc/apt/sources.list.d/sparky-repo.list

Next, add the following:

deb https://sparkylinux.org/repo stable main
deb-src https://sparkylinux.org/repo stable main
deb https://sparkylinux.org/repo testing main
deb-src https://sparkylinux.org/repo testing main

Save and close the file. Then, download the GPG key and add it to APT.

:~$ wget -O - https://sparkylinux.org/repo/sparkylinux.gpg.key | sudo apt-key add -

Next, refresh the APT cache.

:~$ sudo apt update

Finally, install tomb package.

:~$ sudo apt install tomb

That’s it. Now, let’s use it.

Protect your files with Tomb

tomb allows you to encrypt folders and files through a file that serves as a key. This, in turn, is protected with a password. Encrypted folders are called tombs. Then, let’s create an example.

I will create a tomb called osradar with size 150MB. Remember a tomb is a folder. You must run the commands as root user.

Note: it is necessary to deactivate the swap partition.

:~$ sudo swapoff -a

:~$ sudo tomb dig -s 150 osradar.tomb

As I said before, the tomb is protected by a key file. Create it.

:~$ sudo tomb forge osradar.tomb.key

Then, you will have to enter the key file password twice.

Finally, you will see this.

The next step is to lock the folder with the key file. You have to type the password.

:~$ sudo tomb lock osradar.tomb -k osradar.tomb.key

Next, you will see this.

Opening the tomb

So, you know how to protect your folder with the key file. However, there’s still how to open it, why else, what’s the point?

You need to run this command and type the password.

:~$ sudo tomb open osradar.tomb -k osradar.tomb.key

And you will open the folder normally.

Finally, when you finish working with the tomb, close it.

:~$ sudo tomb close

If you have many tombs opened.

:~$ sudo tomb slam all

So, that’s it.

Conclusion

It’s never too much work to protect your files on Linux. Especially if they are private files that you don’t want anyone to be able to open. To do this, you have a simple tool like tomb that is very powerful and few commands let you encrypt a folder where you can store the most important things on your computer.

About security, we also talked about Buttercup a password manager. You can read it here.

The post Protect your files on Linux with Tomb appeared first on Linux Windows and android Tutorials.

MySQL and MariaDB are two popular database managers among application developers. Above all, because they are free, open source and because they are very but very robust and reliable. All this is added to the fact that they are well documented and have the support of the community.

Being two database managers, with clear objectives and good security measures, we find methods and ways to encrypt passwords or any string. that we need to protect even more.

What is Password Hashing?

First of all, you need to know what password hashing is. Password hashing is a way of encrypting a string so that not even the administrator of the system can know its value. It is especially useful for passwords.

This process is very important, but it is quite simple, they are simply functions that allow you to do it.

Some functions to do Password Hashing

MySQL and MariaDB have several functions that help us do a proper and hassle-free hashing. However, each of them behaves differently. Let’s see.

AES_ENCRYPT FUNCTION

Allow encryption of data using the official AES (Advanced Encryption Standard) algorithm. It is very secure. Encoding with a 128-bit key length is used, but you can extend it up to 256 bits by modifying the source. However, 128-bit length is enough for many cases.

This function requires two parameters, the first is the String and the second is key_str.

For example:

INSERT INTO table_name VALUES (AES_ENCRYPT('example',SHA2('password',512)));

This is the output.

MD5 FUNCTION

This function calculates an MD5 128-bit checksum for the string.

The value is returned as a string of 32 hexadecimal digits, or NULL if the argument was NULL.

SELECT MD5 ('EXAMPLE);

As you can see, the function calculates a value for the phrase or string and is useful for encrypting certain data.

PASSWORD FUNCTION

This is the most used function in MySQL or MariaDB to encrypt Strings. It’s really simple and we could almost say that it’s used by default, although obviously, it’s not. However, the PASSWORD() function is used for hashing passwords for use in authentication by the MariaDB server.

The return value is 41-bytes in length, and the first character is always ‘*’.

SELECT PASSWORD ('password');

SHA2 FUNCTION

Calculates the SHA-2 family of hash functions (SHA-224, SHA-256, SHA-384, and SHA-512). This function requires two arguments, firstly, the text to be encrypted and secondly the length of the hash (224, 256, 384, 512).

The SHA2 function works only if MySQL has been configured with SSL support.

SELECT SHA2('Angelo',224);
SELECT SHA2('Angelo',256);
SELECT SHA2('Angelo',384);
SELECT SHA2('Angelo',512);

This is the function more secure. It is recommended for production servers.

Conclusion

As you can see it’s easy to protect passwords even more. All that’s left is for you to use these tools properly.

If you don know how to install MySQL or MariaDB, you can read this article.

Please share this article on your social networks.

The post Password hashing on Mysql / MariaDB appeared first on Linux Windows and android Tutorials.

While on the internet I met Buttercup. A very sophisticated, modern, and simple password manager available for Linux. Actually, it’s multiplatform, so there are versions for Windows and Mac OS as well.

Buttercup uses very strong encryption to protect your sensitive details under a single master password. It also has an application for mobile iOS and Android that gives you access to the same archives you use on the desktop application.

On the other hand, Buttercup can be installed in Google Chrome or Firefox as an add-on, thus increasing the possibilities of operation.

The application uses strong 256bit AES encrypted archives that meet today’s security standards. So, you don’t have to worry about the security of your credentials. Another great feature that Buttercup has is its ability to integrate with Dropbox, Next cloud or Owncloud.

So, let’s use it.

Download and Install Buttercup

Installing Buttercup on Linux is very simple. It has installers for deb distributions (Debian, Ubuntu, Linux Mint…) and for rpm (CentOS, OpenSuse, Fedora…) which makes it usable for a large number of people.

First of all you have to download the corresponding file.

In my case, I’m using Debian 9, so I downloaded the .DEB file. If you use Debian, Linux Mint 19, Ubuntu 18.04/18.10 or one of its derivatives, then you must download the .DEB file. If you use CenOS, OpenSuse or Fedora or some derivative of these Linux distributions, then the option to choose is the .RPM file.

Next, open a Terminal and type.

For Debian, Linux Mint and Ubuntu:

:~$ sudo dpkg -i FILE_PATH

Now, you can use it.

Using this password manager

It is simple to use it. First, open it. You will see this.

As this is the first time you use Buttercup, you don’t have a file available. All encrypted passwords are stored in that file. If you have one, you can import it from the cloud or locally. In this case, I’ll create one.

Then, the program will ask you to give it a name. Then, enter a master password to protect the file. It is recommended that it be quite strong.

Next, you can add an entry.

For example, I’ll make an entry for a supposed Hotmail account.

As you can see in the image, you can generate a strong password automatically. Including options for generation. When you are satisfied with the result, you can press the Use This button.

Finally, you can connect with online services. Go to File menu and click on Connect cloud sources option. This is useful because you can save the file on one of this service.

Then, you have to write your ceredentiasls. And that’s it.

Conclusion

The security of our data cannot be taken lightly. Installing a password manager such as Buttercup can be vital to keep our data safe.

Please share this article with your friends through social networks.

The post Buttercup, a password manager for Linux appeared first on Linux Windows and android Tutorials.

Windows offer nice tricks to see the saved password of the connected Wi-Fi access point. Here’s how you have to do it.

How to see Wi-Fi Password(s)

We’ll be using command lines to see the password. This method works on all the Windows editions. However, it’s not tested on Windows XP.

• Start an elevated Command Prompt.
• Run this command:

netsh wlan show profiles

You’ll see all the available wireless profiles listed under the “User Profiles” section. The name of the network will be on the right side of the section. Pick up the desired network name.

• Now, run this command:

netsh wlan show profile name=<profile_name> key=clear

Exchange the place of <profile_name> with your desired network’s name.

This command will show up a lot of things. But we only need the password, right? Scroll down and find out “Key Content” under “Security settings” section.

The “Key Content” is the saved password of the Wi-Fi network.

This is a very simple trick, right? If you’re afraid of running commands, then follow this step-by-step, lengthy process.

• Connect to your desired network.
• Go to Control Panel >> Network and Internet >> Network and Sharing Center.

• Click your network from the list of active networks. In my case, it’s “TP-LINK_8D72”.
• Click “Wireless properties”.

• From the new dialog box, go to “Security” tab.
• Check “Show characters”.

You can easily see the password written there.

The post How to View Saved Wi-Fi Passwords on Windows appeared first on Linux Windows and android Tutorials.

The tool is developed by Troy Hunt, an Australian security researcher under his “Have I been Pwned” project. The project has gained incredible popularity and trust from the community. Troy Hunt has been collecting information on data exposed in data breaches for quite a time. His “Have I Been Pwned” (HIBP) portal allows anyone to safely check their emails, passwords or other details if that’s available in those breaches.

Pwned Passwords

The password is the most popular security option for almost anything. Naturally, the number of the leaked password is also quite huge. Choosing a password that isn’t available to hackers is quite important.

That’s where HIBP rocks. From the collection of all the data breaches, the website of HIBP opened a section for checking pwned passwords in the summer of 2017 where anyone can check their passwords if it’s available to hackers. Generally, hackers try to hack an account with all the popular and exposed passwords first so that they don’t have to run the infinite possible combination of letters.

Very recently, Hunt released an improved version of the Pwned Password service – v2. This newer version includes 501,636,842 compromised passwords! That’s a huge number of passwords, to be honest. If you feel adventureous, you can download the list of passwords from the site. However, the passwords are provided in SHA-1 hashes so that the REAL password string is unavailable.

It’s important that you check your password. Hackers generally gather all the leaked passwords into a password dictionary to perform brute-force attacks on accounts. If your password is leaked before, it doesn’t matter whether your account is safe or not – it’s simply a matter of time now.

How to check your password

Let’s use the Pwned Password tool as a demo. Here’s the password we’re going to check: dragon. It’s a quite popular password.

• Go to the Pwned Password site.
• Type the demo password: dragon

• Hit Enter.

As we can see, the password was seen 913,822 times before. This check was done on 0400 GMT on 6 March, 2018.

Just like that, feel free to check your own password here. If you’re concerned about security, don’t worry. The project of Troy Hunt has earned incredible popularity and trust from the community over the time. Even enterprises use this tool for checking passwords. Password manager app like 1Password added a feature that allows checking users their passwords to check it with HIBP’s database. Similarly, Wordfence, a powerful WordPress security system, added such function in their plugins. In the open-source community, there are hundreds of apps that use the power of Pwned Passwords.

If you’re concerned about your security, you should be using a strong password. Please check this guideline for strong passwords. A greater threat is already in the world of electronics – the Spectre bug in the modern processors. Learn about SgxSpectre – the latest Spectre exploit.

The post Is Your Password Pwned? appeared first on Linux Windows and android Tutorials.