Header Banner
Gadget Hacks Logo
Gadget Hacks
Discover the Best New iOS 18 Features
WonderHowTo Gadget Hacks Next Reality Null Byte
gadgethacks.mark.png
Gadget Hacks Shop Apple Guides Android Guides iPhone Guides Mac Guides Pixel Guides Samsung Guides Tweaks & Hacks Privacy & Security Productivity Hacks Movies & TV Smartphone Gaming Music & Audio Travel Tips Videography Tips Chat Apps
how to
Home
Digiwonk

Have Your Friends Ever Used Pandora on Your Computer? Well, You Can Steal Their Passwords

Sep 21, 2012 08:00 PM
Sep 21, 2012 08:05 PM
Pandora Internet Radio logo

If you've ever logged on to the popular music application Pandora, your password is saved onto that computer in the local storage...for good.

So for everyone reading this article, you should change your password to a throwaway one that's only used for Pandora, because if you ever log on to a public, work or friend's computer and play some tunes through Pandora, you've just given the owner of that computer your password—and you might use it for other online accounts (a really, really bad thing to do).

Now, imagine your friends don't know about this and log in to Pandora on your own computer? Well, you can get their password, email, and login name now. This hack can be done on other browsers, but this article is specifically for Google Chrome.

How to Find Their Pandora Passwords

First, start out by being on Pandora's website. Then, follow the directions below for your specific browser.

Google Chrome

  • Developer Tools --> Resources --> Local Storage --> pandora.com

Safari

  • Developer --> Show Web Inspector --> Resources --> Local Storage --> pandora.com

Firefox

  • Download Firebug --> Open Firebug --> Console --> insert the following code (not in italics):

for (var i = 0; i < localStorage.length; i++){

console.log(localStorage.key(i),localStorage.getItem(localStorage.key(i)));

}

And then you just have to click Run.

For each web browser, the data you find should all look the same. Paste the data into the text box on Zorinaq's Pandorhack and click on the Decrypt button.

The user name and password should appear like this:

Username":""________"", "Password":""_________""

Voilà! You now have the username, email and password of everyone that has logged into Pandora on that computer. Most people use the same email and password, so feel free to try and get into all of their social media accounts and wreak havoc.

In fact, to play it safe, you yourself should probably have a throwaway password for every website and make things easier on yourself. Using something like LastPass allows you to only really remember one password which gives you access to every other password. Though it won't protect your Pandora password from getting hijacked on someone else's machine, it will make it easier to create random passwords for multiple sites.

NOTE: It seems that Pandora has removed the password from local storage, but the passwords can still be stolen if users do not explicitly log off.

The next big software update for iPhone is coming sometime in April and will include a Food section in Apple News+, an easy-to-miss new Ambient Music app, Priority Notifications thanks to Apple Intelligence, and updates to apps like Mail, Photos, Podcasts, and Safari. See what else is coming to your iPhone with the iOS 18.4 update.

Related Articles

Comments

No Comments Exist

Be the first, drop a comment!