Plug in your USB drive, and create a folder titled "Utilities".

Then, download the

following zip files (not the self-install executables) from the NirSoft Password Recovery
Utilities page onto the thumb drive and—after extracting the files—place all of the .exe
files in the Utilities folder:

 MessenPass

 Mail PassView

 Protected Storage PassView

 Dialupass

 BulletsPassView

 Network Password Recovery

 SniffPass Password Sniffer

 RouterPassView

 PstPassword

 WebBrowserPassView

 WirelessKeyView

 Remote Desktop PassView

 VNCPassView

Each of these executable files recovers passwords from a specific place on the computer.
For example, WirelessKeyView.exe pulls your wireless key, and
WebBrowserPassView.exe grabs all of the passwords stored in your browsers. If you
want to see what each one does in detail, check the NirSoft page linked above. If you see
any other password recovery tools you want to try out, download them as well, but what
we have here is a good starting point.

Step Two: Automate the Tools to Work With One Click

(XP and Vista Only)
Next, we're going to set up a script that runs all these utilities at once—allowing you to
grab a giant cache of stored passwords in one click (though it only works properly on
Windows XP and Vista, so if you're only using this on Windows 7 and above, you can
skip this step). Open your text editor, and for each file you downloaded, write this line of
code in one text file:

start filename /stext filename.txt

Replace "filename" with the name of the executable you just downloaded, including the
file extension. When you replace "filename" after the slash, you will change the .exe to a
.txt file extension. This is the password log the executable will create for you to see. A
finished script should look like this:

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt<br>start pspv.exe /stext pspv
.txt
start Dialupass.exe /stext Dialupass.txt
start BulletsPassView.exe /stext BulletsPassView.txt
start netpass.exe /stext netpass.txt
start sniffpass.exe /stext sniffpass.txt
start RouterPassView.exe /stext RouterPassView.txt
start PstPassword.exe /stext PstPassword.txt
start WebBrowserPassView.exe /stext WebBrowserPassView.txt
start WirelessKeyView.exe /stext WirelessKeyView.txt
start rdpv.exe /stext rdpv.txt
start VNCPassView.exe /stext VNCPassView.txt

Once you're done writing the script, save the file as Launch.bat in the Utilities folder you
created.

Step Three: Test Your New Password Stealer

Now you will be able to recover the usernames and passwords from each of these
programs. They will create detailed logs that show you the password, username, and
source (like the Network name or website URL), which is all you really need to do
damage. There's also the date the password was created, password strength, and other
information depending on the program. Here's how to test your new password stealer to
see how many passwords you've left vulnerable on your PC.

XP and Vista: Run the Script

Click the launch.bat file you just made to launch it. The password logs will appear in the
Utilities folder as .txt files alongside the original executables. Each will have the same
name as the .exe file they're sourced from. For example: the ChromePass.exe file will
have a ChromePass.txt file that houses all of the recovered passwords and usernames.
All you have to do is open the .txt files, and you'll see all your passwords.

Windows 7 and Above: Run Each Password Recovery App Individually

If you use Windows 7 or above, the script won't work for many of the apps, so you'll
need to open them up individually. Double-click on each program and the list of
passwords will pop up in a window. Select all that you want to save, and go to the File
menu, and save the log as a .txt file in the original Utilities folder you created on your
flash drive.

Use these logs to see for yourself how many passwords you've left vulnerable on your
system. It's remarkably easy to find and take them!

Step Four: Protect Yourself

Now that you know how vulnerable your information is, get serious about protecting
yourself. Take these precautions:

 If your computer has autorun enabled, disable it. It only takes a couple more lines
of code to set the .bat file to launch automatically when the flash drive is plugged
in, without the user even seeing what's happening.

 Take measures like not allowing your browser to remember your passwords, or at
least the important ones like mobile banking. Instead, use password managers
with encryption like LastPass or another good password manager to store all of
your passwords securely and out of harm's way.

 Use two-factor authentication every chance you get. There are tons of ways for
hackers to get your information if they want to. The second factor—something
you have—could be what saves you in the end.

 The obvious: always maintain physical control of your computer whenever

possible. Never leave your PC unattended with anyone else, especially someone
who's using a USB flash drive. In fact, it wouldn't hurt to offer to do the work
yourself as often as possible when a friend asks if they can use your computer.

Strong passwords aren't all the protection you need. Understand how vulnerable your
information really is, and build a nearly hack-proof password system to stay safe.