Admit it: You’ve sent a password via email.
You’ve probably also had emails sent to you containing usernames and passwords.
Emailing passwords is a big No No.
Since we know you probably have an old and easy to guess password, you are leaving yourself and others vulnerable for being hacked.
There’s a new tool online that can help you discover possible passwords in all your old email and then either encrypt them or remove them. The service is called Cloudsweeper and its operated by two people from the University of Illinois at Chicago.
Once you visit their site, you’ll see an explanation of why emailing passwords is a problem (duh!) and three options to the right for the services offered.
Note: this is only for users of GMail and Google Apps currently.
Start with the Account Audit. It’ll take a few minutes and let you know the value of your account to a hacker, the services that can probably be accessed using your emails, and then you have an option for step 2: Cleartext Password Audit. You’ll need to click the Back button on your browser to get there from the Account Audit page.
When you run the Cleartext Password Audit, Cloudsweeper will try to identify the passwords in your email. Once it does, you’ll have three options: Encrypt, Redact, or Do Nothing. Each is explained on the site. I suggest you choose one of the first two options.
Choosing either of the first two options will take some time, but it is worth it for the peace of mind and increased security.
Take the time to check out Cloudsweeper now.