Gizmos Needs You

Gizmo's Freeware is Recruiting

 We are looking for people with skills or interest in the following areas:
 -  Mobile Platform App Reviews for Android and iOS
 -  Windows, Mac and Linux software reviews       Interested? Click here

                  

 

Find the Passwords Internet Explorer is Storing On Your PC

One of the features of modern web browsers is that they automatically store usernames and passwords for many of the private web sites that you visit.  This can, of course, be a very useful feature.  Sign up for a discussion forum, log in once, then you don't have to worry about logging in again.  Just let your web browser fill in the details automatically, each time you visit the site.

However, there's an obvious security problem here, and it's a biggie.  Is the browser storing your password in a sufficiently encrypted format, or could someone else who has access to your computer also retrieve those passwords?

Perhaps unsurprisingly, it's not good news, as an excellent freeware utility from the excellent Nirsoft demonstrates.  IEPassView (http://www.nirsoft.net/utils/internet_explorer_password.html - note that the download link is right at the bottom of the page) is a program which attempts to display web site passwords which Internet Explorer has stored on your Windows PC, and it works alarmingly well.  In my case, under IE8 on Windows 7, it immediately displayed my username and password for Gmail, Youtube and others.

If you're worried about other people running such a program on your PC, now might be a good idea to change the passwords for any sites which are a particular concern, and configure your browser not to store passwords.  

On the other hand, if you've forgotten the password to a site you often visit, and have been relying on your browser to remember it for you, this might just be the tool you've been looking for!

 

IEPassView 

 

NOTE:  Some antivirus programs regard password recovery utilities as "hacking tools", and consequently might attempt to stop you downloading this file.  Note that this doesn't mean that the program has a virus. 

 


Got a Hot Find like this one?  Please let me know about it!  Just fill in the some brief details and I'll do the rest.  See http://www.techsupportalert.com/content/submit-product-review.htm for more.


 

Share this
3.5
Average: 3.5 (4 votes)
Your rating: None

Comments

by westnile on 7. June 2014 - 3:21  (116658)

This is to by Anonymous on 31. May 2010 - 2:51 (50675) and all the other Nay Sayers

It WAS STATED that this is a older program and it will/might be detected by newer av or anti malware programs.

I have been in IT for 20 years building repairing cleaning viruses etc out of computers and Network Security.

The program IE Passview is completely safe all it does is read the registry entries for saved passwords and decrypts them so you can read them in plain text aka understandable stuff not letters and number jumbled together.

Before you complain especially when using a Microsoft product to scan with try reading everything fully.

Btw MS Security Essentials is junk just saying it never has been and never will be a reliable means of security just from my basic knowledge I could code something that would get past it try [commercial reference removed].

As for IE passview I have been working on a clients laptop and never have I run into a issue like this shes running windows vista home (i know pos OS) and IE 8 the registry entries are there for the saved passwords but IE passview does not show them I am stumped first time since I started doing this when I was 12, I am looking for other options
would it be possible for for me to set up a temp key logger that would capture it?
The way her laptop is setup as soon as you load the websites gmail or hotmail it instantly takes you to the clients inbox she is a older person and has many medical conditions thats making it hard for her to even try and remember the recovery information.

I am looking for any and all possible venues for me to retrieve her passwords so I can setup her new laptop for her.

Any and all help is appreciated (if you have negative thoughts keep them to yourself)

by adriaan50 on 1. July 2013 - 12:29  (108874)

Lost my Gmail password and all recovery options dont work.
What to do??

by Anonymous on 2. June 2010 - 19:48  (50911)

This is OLD news. Been using these tools for years. Was hoping this would be some new tools, but no. Still good tools, but most anti-v detect the IE one as false P. So might want to turn AV off when running.

by HeWhoRocks on 3. June 2010 - 11:51  (50941)

This is new to me and i am grateful to the editor for bringing it to my attention. Perhaps YOU could research and suggest some new tools with your free time?
Thanks r.schifreen :)

by Pelican on 1. June 2010 - 4:22  (50761)

In addition to IE password etc. recovery Nirsoft also caters for Firefox and Chrome browsers.
The links are as follows.
http://www.nirsoft.net/utils/chromepass.html
http://www.nirsoft.net/utils/passwordfox.html

by Anupam on 1. June 2010 - 6:23  (50768)

Its a request, please do not post direct links to files. Post the link to the software page, or the download page instead. We do not allow direct links to program files. I have edited the links and made them point to the software page. Next time onwards, the comment with direct links will be simply deleted.

by Phylis Sophical on 31. May 2010 - 16:29  (50713)

F-Secure flags it as 'Riskware' saying, 'Useful, legitimate software which could possibly be misused for malicious purposes.'Which to my mind is a good description.

I only have one site with a password on IE and it shows me my two older passwords but not the present one. Strange. I be the neighborhood guru here and when helping people clean up their machines, they can never remember their passwords. This program is very helpful in that case.

by Anonymous on 31. May 2010 - 2:51  (50675)

Microsoft Security Essentials, Norton AntiVirus, aSquared, etc. detect this program as a serious trojan attack threat. As soon as it downloaded, all kinds of alarms went off. Microsoft was the first to detect Trojan:Win32/Bladi!rts. "The program is dangerous and executes commands from an attacker."

This is not a trustworthy program to install according to AV programs.

IMHO. I would not install.

by Anupam on 31. May 2010 - 6:21  (50684)

The alerts are being given because of the nature of the program. The program finds out IE passwords, and because of this the program is being flagged. It can be considered as a false positive, because its from Nirsoft, and its a reputed site.

by ssoundman on 31. May 2010 - 3:41  (50680)

I have both Avira Antivir Pro and SUPERAntiSpyware Pro installed, so I decided to download it and check it out anyway. Ok, I confess - I'm not really that brave - I was going to use a sandbox.

However, I found that it was included in the NirSoft Launcher I had already downloaded (no trojan alerts, just a hack tool alert which I told Avira to ignore), so I ran it form there - I don't use IE so it didn't have any passwords stored.

But there are several other password recovery utilities included in the NirSoft Launcher, and I highly recommend the launcher collection. You can even include the Sysinternals Suite of tools in the launcher when you set it up on your flash drive - very cool! Ryan Russell wrote about it in his article for Windows Secrets newsletter, linked here: http://windowssecrets.com/links/tgfquwaznlprd/4fd0b3h/?url=WindowsSecret...

by Anonymous on 31. May 2010 - 3:18  (50678)

Hello,

I would suggest this is a false positive.

Nirsoft are a reputable company with many such password retrieval tools which I have used for years.

Provided the program is downloaded from their website directly there should be no problems whatsoever.

The Nirsoft site is als0 rated as 'excellent' with the Web of Trust.

Cheers,
Paul.

by Anonymous on 30. May 2010 - 21:24  (50648)

I have been using Password Agent instead... encrypted (even in RAM!) of passwords. Have been an avid user of it for years (yes, paid for it). From within the program, it is possible to launch IExporer, then one-click filling of username & password. Still: encrypted, even sniffers will have a hard time! Program can be found here: http://www.moonsoftware.com/pwagent.asp

by Anonymous on 2. June 2010 - 20:15  (50912)

this looks more like a anti keylogger tool, kinda looks good im ganna give it a try. I doubt that it will give any more added protection to a man in the middle attack as the password cant be encrypted in the form value.