BASIC HACK

Monday 3 September 2012

How to know passwords stored in web browsers


It is quite dangerous to save your passwords in Internet Explorer, Mozilla Firefox, Google Chrome, or even in messengers.
Whenever you select the “Remember my Password” option, your passwords are automatically saved on your computer for further use.
The saved passwords can be retrieved quite easily.
It is more dangerous when you are using public computers. In that case anyone can easily extract your password and misuse it.
Here is the tip on how to extract saved passwords:


In Firefox:
Go to Tools --> Options --> Security --> Saved Passwords

In Chrome:
Go to Options --> Settings --> Advanced settings --> Manage saved passwords

For Internet Explorer you can use this tool:
IE PassView

Recently the Facebook account of one of my friends was hacked, as he had stored all his passwords in his Firefox browser.

The following is the directory information for different Windows applications.

Here is a list of popular applications, in categories such as Internet browsers and instant messengers, whose password storage locations are described below.
  • Firefox
The passwords are stored in one of the following files: signons.txt, signons2.txt, or signons3.txt (depending on the Firefox version). The passwords stored in this sign-on file are encrypted using 3DES and then Base64-encoded. Here is the default location of the Firefox profile directory:

[Windows XP]
C:\Documents and Settings\<user_name>\Application Data\Mozilla\Firefox\Profiles\<random_name>.default


[Windows Vista & Windows 7]
C:\Users\<user_name>\AppData\Roaming\Mozilla\Firefox\Profiles\<random_name>.default
...........................................................................................................................
  • Google Chrome
Google Chrome stores all sign-on passwords in the SQLite database file called 'Web Data' within the profile directory. Here is the default location of the Chrome profile directory:

[Windows XP]
C:\Documents and Settings\<user_name>\Local Settings\Application Data\Google\Chrome\User Data\Default

[Windows Vista & Windows 7]
C:\Users\<user_name>\AppData\Local\Google\Chrome\User Data\Default
...........................................................................................................................
  • Internet Explorer
Internet Explorer stores two types of passwords: sign-on passwords and HTTP basic authentication passwords (generally for proxies and router configuration). IE versions below 7 store both sign-on and HTTP basic authentication passwords in a secure location known as 'Protected Storage' at the following registry location:

HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider

From version 7 onwards, IE uses a new mechanism to store sign-on passwords. The encrypted password for each website is stored along with a hash of the website URL in the following registry location:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2

Also, from IE 7 onwards, HTTP basic authentication passwords are stored in the 'Credentials store' at the following location, depending on the operating system:

[Windows XP]
C:\Documents and Settings\[username]\Application Data\Microsoft\Credentials

[Windows Vista and Windows 7]
C:\Users\[username]\AppData\Roaming\Microsoft\Credentials
............................................................................................................................
  • Opera 
Opera stores login passwords in an encrypted format in the 'Magic Wand File' called 'Wand.dat' within its profile directory. The profile path differs between versions of Opera, as shown below.
For Opera versions earlier than 10:

[Windows XP]
C:\Documents and Settings\<username>\Application Data\Opera\Opera\profile\wand.dat

[Windows Vista/Windows 7]
C:\users\<username>\AppData\Roaming\Opera\Opera\profile\wand.dat
...........................................................................................................................
  •  Microsoft Outlook
Newer versions of Outlook, from 2002 to the latest version 2010, store the passwords (other than Exchange server passwords) for various email accounts such as POP3, IMAP, SMTP, and HTTP at the following registry location:

[Windows NT onwards]
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles

[Prior to Windows NT]
HKEY_CURRENT_USER\Software\Microsoft\Windows Messaging Subsystem\Profiles

Newer versions of Outlook (2002-2010) store the Exchange server passwords in the 'Credential Store', as it provides better protection than other methods.

Older versions of Outlook (Outlook Express, 98, 2000, etc.) store the email configuration information along with the encrypted password at the following registry location:

[For Outlook installed in Internet Mail Only Mode Configuration]
HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts

[For Outlook in normal mode]
HKCU\Software\Microsoft\Internet Account Manager\Accounts
............................................................................................................................
  • Google Talk 
Google Talk (GTalk) stores all remembered Gmail account information at the following registry location:

HKEY_CURRENT_USER\Software\Google\Google Talk\Accounts

For each Google account, a separate registry key is created under this key, named with the account email ID. The account password is encrypted and stored in the registry string value named 'pw' within this account registry key.
..............................................................................................................................
  •   Windows Live Mail
All account settings, including the encrypted passwords, are stored in:
[Windows Profile]\Local Settings\Application Data\Microsoft\Windows Live Mail\[Account Name]

The account file is an XML file with the .oeaccount extension.
.............................................................................................................................. 
  •  Yahoo Messenger
Yahoo Messenger prior to version 7.5 stored the password in the registry value 'EOptions String' at the following registry location:

HKEY_CURRENT_USER\Software\Yahoo\Pager

This encrypted password can be decrypted using ycrwin32.dll.
................................................................................................................................ 
  •  AIM (AOL Instant Messenger)
AIM version 6 onwards stores the password at the following registry location:

HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords

AIM PRO uses a different registry location to store the passwords:

HKEY_CURRENT_USER\Software\AIM\AIMPRO\<Account_Name>
................................................................................................................................ 
  • Paltalk
PaltalkScene stores the main account password at the following registry location:

HKEY_CURRENT_USER\Software\Paltalk\<nick_name>

The password is encrypted and stored in the registry value 'pwd' under this key. All other IM passwords, such as Gmail, Yahoo, AIM, etc., are saved in separate subkeys under this registry key.
............................................................................................................................... 
  •  Skype
Skype does not store the password directly. Instead, it stores the encrypted hash of the password in 'config.xml', located in Skype's user profile directory. A typical user profile directory for Skype is as follows:

[Windows XP]
C:\Documents and Settings\<user_name>\Application Data\Skype\<account_name>

[Windows Vista & Windows 7]
C:\Users\<username>\AppData\Roaming\Skype\<account_name>
................................................................................................................................
  •  MSN Messenger 
The passwords are stored under:
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds\[Account Name]
...............................................................................................................................
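
For the public-computer risk described at the top of this post, here is an added example (not part of the original post) that inventories which user profiles contain the file-based stores listed above, so the administrator of a shared machine can see where passwords have been saved and clear them. It assumes the Windows Vista/7 paths given on this page and checks only file names and sizes; `find_credential_stores` and `build_sample_tree` are hypothetical names, and the sample tree is constructed.

```python
import tempfile
from pathlib import Path

# Per-user store locations as given on this page (Windows Vista/7 layout):
# application -> (directory parts below the user profile, file name glob).
STORES = {
    "Firefox": (("AppData", "Roaming", "Mozilla", "Firefox", "Profiles", "*.default"), "signons*.txt"),
    "Chrome": (("AppData", "Local", "Google", "Chrome", "User Data", "Default"), "Web Data"),
    "Opera": (("AppData", "Roaming", "Opera", "Opera", "profile"), "wand.dat"),
    "Skype": (("AppData", "Roaming", "Skype", "*"), "config.xml"),
    "IE credentials": (("AppData", "Roaming", "Microsoft", "Credentials"), "*"),
}

def find_credential_stores(users_root):
    """Return {user: {application: [paths]}} for non-empty store files.

    Only file names and sizes are checked; contents are never opened."""
    findings = {}
    for user_dir in sorted(Path(users_root).iterdir()):
        if not user_dir.is_dir():
            continue
        for app, (parts, name_glob) in STORES.items():
            pattern = "/".join(parts + (name_glob,))
            hits = [p.relative_to(user_dir).as_posix()
                    for p in sorted(user_dir.glob(pattern))
                    if p.is_file() and p.stat().st_size > 0]
            if hits:
                findings.setdefault(user_dir.name, {})[app] = hits
    return findings

def build_sample_tree(root):
    """Constructed sample: 'alice' has Firefox and Opera stores, 'bob' has none."""
    for rel in ("alice/AppData/Roaming/Mozilla/Firefox/Profiles/x1y2z3.default/signons3.txt",
                "alice/AppData/Roaming/Opera/Opera/profile/wand.dat"):
        path = Path(root, rel)
        path.parent.mkdir(parents=True)
        path.write_bytes(b"constructed placeholder, not credential data")
    Path(root, "bob", "AppData", "Roaming").mkdir(parents=True)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for user, apps in find_credential_stores(tmp).items():
            for app, paths in apps.items():
                print(f"{user}: {app} -> {paths}")
```

On a real machine, point `find_credential_stores` at `C:\Users`; the registry-based stores listed above are outside what this file check covers.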
