User Controls
accessing stored password
-
2017-08-29 at 10:10 PM UTCthis is why i like to dl all my music and i can back it all up.
-
2017-08-29 at 10:17 PM UTCDo you have access to the old browser the password was entered on?
-
2017-08-29 at 10:18 PM UTCSpeccy to the rescue
-
2017-08-29 at 11:10 PM UTCAlthough my account is a free version their 'customer' support was able to authenticate me in a different way and emailed me a temp password.
Originally posted by -SpectraL Do you have access to the old browser the password was entered on?
Even though I got into the acct I would be curious to see what you were going to suggest. I did have it logged in here on chrome yep. I don't know if the password is stored in anyway locally, I usually tell the browser not to save passwords and I wonder if pandora just recognizes my valid login from months or years ago from a cookie or something. -
2017-08-30 at 2:10 AM UTC
Originally posted by mashlehash What does your name stand for?
Sally Brumice Theodore, but my friends call me Lauien
Originally posted by MrAsbestos Even if I manage to root my phone I'm gonna have no clue what to do in data/data . its probably gonna be some obfuscated bullshit
Rooting usually means wiping all data. You could try known exploits. What SDKversion?
In /data/data its likely in the shard prefs xml file. -
2017-08-30 at 2:28 AM UTC
Originally posted by MrAsbestos Even though I got into the acct I would be curious to see what you were going to suggest. I did have it logged in here on chrome yep. I don't know if the password is stored in anyway locally, I usually tell the browser not to save passwords and I wonder if pandora just recognizes my valid login from months or years ago from a cookie or something.
Since you're in, it's a moot point, but if the password was never stored on the browser to begin with, then there is nothing to recover. -
2017-08-30 at 2:29 AM UTC
Originally posted by MrAsbestos Although my account is a free version their 'customer' support was able to authenticate me in a different way and emailed me a temp password.
Even though I got into the acct I would be curious to see what you were going to suggest. I did have it logged in here on chrome yep. I don't know if the password is stored in anyway locally, I usually tell the browser not to save passwords and I wonder if pandora just recognizes my valid login from months or years ago from a cookie or something.
Literally first result on google.
http://www.nirsoft.net/utils/web_browser_password.html
Nab the password out of your browser on your computer. It's probably going to be hashed, if you PM me the hash i will see if i can crack it for you, for free, because i am nice like that. -
2017-08-30 at 7:28 AM UTCTypically chrome won't shuffel cookies between browsers.
If you can get a password field in a browser to autofill you can pull it out with devtools. Desktop is easy, for mobile browsers you have to enable ADB, there's a few steps but it's not rocket science. Autofill stores passwords in the clear except in very unusual situations, password hashing is usually done server side. Old VB used to hash password client side but if you think about it a bit you realize client side hashing doesn't really do anything for you: if a string you can intercept is a token you can use to authenticate it doesn't really matter if it's a hash or a cleartext password. It's the same scenario in the case of a passive tap. -
2017-08-30 at 9:27 AM UTC
Originally posted by MrAsbestos Although my account is a free version their 'customer' support was able to authenticate me in a different way and emailed me a temp password.
you are still a customer. they still get money from you just as much as their 'paying' customers. those nice ad people just pay them for you is all.
. -
2017-08-31 at 12:35 PM UTC
