Pelekus – A “Last Login Date” Verifier
What?
Pelekus is a Greasemonkey User Script I wrote that can help you catch unauthorized access to your web accounts.
Why?
You may have noticed that some websites say something like “You last logged in at 9:09pm on 2/1/07″ when you log on? If you’re like me, you’ve learned to ignore this message cause it’s pretty tough to remember when you really logged in last. This script will remember for you an report discrepancies which might indicate that a baddie accessed your account.
How?
Pelekus will take notice each time you log into the account that you’ve set it up to track. It will save the current time, and then, when you log in next, it will compare the expected “You last logged in at” date to the actual date you last logged in. If these don’t match, it probably means someone else somehow got ahold of your password.
What are the drawbacks?
- At this point, Pelekus can only track one account for you. By default, it will work with Citizens Bank.
- You’ll need to modify the script at the points marked “CONFIGURABLE” to set it up for the account you’d like to use. This requires javascript know-how. Firefox’s DOM inspector will be handy.
- Pelekus requires Greasemonkey and Firefox.
- If you log in to the tracked account from more than one computer, even if Pelekus is installed on each, you’ll get false positives.
Why the name ‘Pelekus’?
I started looking for a name for this script at the Wikipedia article on sundials. They measure time. Get it? Well, the ancient Greeks used a sundial called a Pelekinon which was named after a double-headed axe they also used, which was called a Pelekus. I think the latter is easier to pronounce: “pell-eh-kuss”.
Where can I get it?
Right here: Pelekus – A “Last Login Date” Verifier – mercurial repository (released 2/08/2007). It’s GPL’d.
Thanks to Sidereal for the Lumber Woman image.
Further reading
- “The Emperor’s New Security Indicators: An evaluation of website authentication and the effect of role playing on usability studies”
