Earlier today I had a need to encode some text into various forms, like MD5, Sha-1, etc.
I couldn’t find an easy way to do it without writing a script, so I made a simple little website.
I know only like 3 out of 100 people will find this useful, but check it out anyway:
It’s called Text Encrypt (www.textencrypt.com)
And yes I know, most of those methods are encoding, not encrypting – but tons of people search for encrypt, and all the good encode names were taken.
January 30th, 2008
When I got back from vacation, one of the many emails I had to go through was a Godaddy one saying that my password had been reset. I thought nothing of it, and clicked the spam button in gmail – thinking it was a phishing attack.
Today, that email suddenly jumped back into my head as I was about to register some new domain names and couldn’t login to GoDaddy.
A quick call to friends at GoDaddy revealed that somebody had guessed my Google account password, and used my Gmail to reset my GoDaddy account. Thankfully, I caught it before they had changed any DNS settings, registered, or transferred any domains.
I also managed to change my Google account password to something even harder to guess. (I’m actually shocked that somebody had guessed a 7 letter non dictionary word in the first place – if that’s how they got it.)
I’ve read about other techniques that involve including parts of a different domain onto your webpage, then using javascript to read what the browser auto-fills in the form. This can all be done in a 1px iframe apparantley – maybe that’s how it was done. I’m not sure.
Anyway, it’s scary just how much your Google account actually has access to. I’m lucky I caught it in time.
January 30th, 2008
