Checking Pwned Passwords against Active Directory’s NTLM Hashes

Pwned Passwords is a great web service that lets you check your own password against millions of compromised and leaked password. It’s not only getting constantly updated by the owner, Troy Hunt but offers text-based downloadable files and API for anyone interested in building a 3rd party app. Newly added to the list is the password hashes in NTLM format, […]

The Dots Do Matter – How To Scam a Gmail User

Dots don’t matter is a feature Google has put on Gmail, meaning If someone accidentally adds dots to your address when emailing you, you’ll still get that email. For example, if your email isĀ [email protected], you own all dotted versions of your address: [email protected] [email protected] [email protected] The intention of this is good but it also opens a door for a phishing […]