Anyone can sign up for this "Password-of-the-Day" list that gives you free random login credentials

Password Of The Day describes itself as a sort-of "Internet Treasure Hunt." Sign up for their list with your phone number, and they'll send you one text message every day with a random username and password. The login credentials themselves are (supposedly) real; they just won't tell you where that particular combination will work. The discovery part is up to you. But if you're lucky, you might land access to a free account on Spotify, or Steam, or Pornhub, or Headspace, or any other sites. Even if it is technically someone else's account. As they explain in an FAQ on the site:

Every day we are releasing one valid username+password combo to a mystery account. It could be Disney+, Creative Cloud, a bank account with $1000 in it - every day is different. So we give you the login info, but it’s up to you to discover what the account is; it’s like having a key, but not knowing what door it opens. Scour the internet, try your login on all the services you can think of. If you successfully log in, the account is yours!

It's not clear where they're getting this data from, or who's paying for it. But if you want to take the gamble — hey, go for it.

MSCHF, the company behind the list, is a pseudo-internet-performance-art-collective founded by ex-Buzzfeed employees that specializes in viral pranks. Sometimes these function as promotional material for other companies; sometimes they just exist, and maybe go viral, or don't. Read the rest

This Welsh password generator might keep you safe from hackers, but definitely from dragons

Inspired by XKCD's classic diceware strip, a programmer named Alice created an open-source algorithm to randomly generate secure passphrases in Welsh. As difficult as it would be for any human or computer to figure out a nonsense phrase like, "correct horse battery staple," it would be even more difficult to guess, "stwffwl batri ceffyl cywir," especially when there are only about 700,000 Welsh speakers to begin with.

While I'm no cryptologist, I did run a few of the passwords through HowSecureIsMyPassword.net and My1Login.net and they seemed to work out all right. According to those sites, it would take 11 quattuordecillion years or 1 trillion trillion trillion years for a computer to crack "DrefnasidRhyd-y-meirchSefydlogiad6*." Similarly, "GlaeruchdyrauGymreigeiddiaiBarcdir0**" would take 429 tredecillion years, or 94 billion trillion trillion years, respectively.

However, as Alice the programmer warns: "It's probably not a good idea to actually use this, since the wordlist is freely available along with the algorithm being used."

So it might not stop a really clever hacker from getting into your email. But it will almost certainly stop a mythic Welsh dragon from stealing your identity. Probably. I'm assuming their claws are pretty clumsy on the keyboard.

Welsh Password Generator [WheresAlice.info]

Image via Lewis Ogden/Flickr (altered)

*Google Translate tells me this means, "The ford of the horses was arranged." I don't know that I trust it—Google Translate is famously sloppy with the grammar of some Celtic languages—but it certainly sounds epic.

**Similarly, this became "Parkland was a Welsh occupation" which sounds like something you would hear on the Breton version of InfoWars. Read the rest

PSA: Digital scammers will try to scam you

I got a fun reminder last night that there a lot of greasy people out there doing a whole lot of greasy shit unto others. Last night, I was taken on a walk down memory lane: I received an email with an old password I used to use in the subject line. Here's what was inside. I've removed the  password from the mix, for obvious reasons:

_________ is yoũr passphrasęs. Lets get right to the point. No person has paid me to check about you. You do nŏt know me and you're mŏst likely wondęrİng why you're getting this e-mail?

İ installed a softwāre on thę adũlt vidęo clips (porno) web-site and gũess what, yoũ visited this site to have fun (yŏu know what i mean). While yŏu were vİęwing vidęŏ clİps, yŏur internet browsęr startęd working as a RDP that has a kęy logger which prŏvided me with āccessİbİlity to your screen ās well as cām. Jũst aftęr thāt, my software gāthered all yoũr cŏntacts from your Messenger, socİal networks, as well ās e-maİlaccount. after thāt i created ā video. 1st part shows the video yoũ were vİewing (you've got a nice tastę lmao), ānd nęxt part displays the ręcordİng ŏf your web cām, yea its yoũ.

Yŏũ actually hāvę two diffęręnt possİbilities. Shall we explŏre these types ŏf choices in āspęcts:

First optİon is tŏ neglect this messāgę. in thİs case, i ām going to sęnd your vęry own video to each one of yoũr contacts and also yoũ can easİly İmāgine ręgarding the humiliātİŏn you will definitely get.

Read the rest