Namechk Finds Where Your Username Is Taken Or Available
Web application Namechk finds available usernames or vanity URLs on more than 80 web sites—so you can own your online presence.
The application checks for available usernames impressively fast, unlike the previously mentioned (and now defunct) usernamecheck.com site—just pop the name into the box and click the chk button and the available usernames will be shown almost immediately.
The web application went down a few times when we first started testing, so you might want to save it for later with the Read It Later extension.
- Next Post: Skype Call Recorder Creates MP3s Of Your Skype Conversations »
- « Previous Post: Exercises That Protect Against Carpal Tunnel Syndrome
Comments (AU Comments | US Comments)
@Bruwinged: er... website :/
Bruwinged
wow..what a seemingly useless program :P
Bruwinged
yes, i'm one of those people who will sign up for sites so other people can't take my userids.
and i know i'm not alone, my sister has the same userid everywhere but one place. she actually gets email from the one girl who has her id somewhere, it drives her nuts. maybe i'll start a name exchange and trade board like commodities
mfusion
And the site is down. Thank you, CNET.
Nicholas Todor
@Oranges w/ Cheese: Yes, this was such a huge problem for hackers before, now we're really screwed. Oh wait, actually the hackers just checked the same way this site does. Nothing to see here.
Deimorz
This is a HUUUUUGE security problem!
Hackers can use this app to see if a potential username is valid (taken) and then set to work cracking passwords!
As a programmer, you are never supposed to give hints that a username is valid - you're just supposed to say "something is wrong" so they don't know what's wrong - the username or password.
This will probably turn out to be like all the domain registration sites that sell lists of searches so that squatters can buy them up.
GoDaddy seems to be the worst at this-- many times I've searched for unique domain names that are listed as available, only to find that they are no longer available the next day...
dwardio
I'm sure Lifehacker has posted something like this before, and besides there are loads of alternatives e.g. [checkusernames.com]
Dammit, I wanted pointyhairedboss2009... it's already taken, damn!
It doesn't work perfectly, it says I have a Bebo and Goodreads account but not a Steam account.
@Deimorz:
well i think the problem is that they have a central place to check multiple site at once instead of going to individual site to check if the username is taken. Yes hackers can do this themselves.. but now they have someone else doing the work for them.
Sang
Lifehacker, you guys broke the site already...or the link is bad. It gives service unavailable 503.
@Deimorz: Oh sure, it isn't like they never did this before, but now they have one centralized convenient place to check :D
@Oranges w/ Cheese: Seriously, if they have the patience to try to hack someone they can write something like this as well. Also, how would your method of not saying if it's wrong work with recovering passwords?
@dwardio: Seconded. I've seen this happen many times, terrible business scheme.
polobunny
I literally bookmarked this sight less than 12 hours ago. I've suggested it to my colleagues (who are all about to graduate from college) to begin registering userids in their name to help protect brand identity.
@Oranges w/ Cheese: This is ridiculous concern. It's nothing you can't do yourself, mind you. Besides, bruteforcing social services is much slower than social engineering or otherwise using the user stupidity against him.
polobunny
@Oranges w/ Cheese: Anybody can go to a site and try to register with a name... and if it's taken, the site says it's taken. This is no different. Why the fuss?
@Oranges w/ Cheese: Good point - so many people have one password for multiple sites. You find one password and find where else they have might have the same user name.
Tommy Arran
@VenomIreland is good at KZ2, is momentarily pleased.:
Same here.
(I already mocked this site on Mashable today, so I'm just going to copy my message from there!)
And what exactly am I supposed to do AFTER using Namechk? Hunt down all the other Michael Bausers on the Web, kill them, and take their accounts? "There can be only one!"
Or am I supposed to go all obsessive-compulsive and register on all 76 sites to make sure I won't be confused with somebody else on a site I don't actually use?
Do those sites really want people registering accounts just to block names? Is that the Web 2.0 method of inflating user counts?
Namechk and its "competitors" (I put that in quotes, because I don't see a real business model) seem to me like weird exercises in narcissism. Anybody who would bother has serious issues. In some cases, they're claiming "ownership" of a SINGLE WORD.
@Michael Bauser: Registering your own name (or company's name) is likely an exercise in controlling brand identity - not narcissm. Why does there have to be a business model for the site? It seems relatively easy to maintain after writing the initial code. I've provided plenty of user interface designs to Lifehacker readers free of charge with no financial incentive whatsoever.
@Michael Bauser: I like how you talk about narcissism in a post you copy/paste into multiple forums so lots of people can read your witty insight...
t1t0
@dwardio:
if you use windows, download microsoft's free "sysinternals" package. Included is the WHOIS command that can be run directly from the command prompt. It searches the name servers directly so you can bypass the middleman who might be logging and registering the domain names you search.
Thanks lifehacker, time to finally become #1 on google for my name.
Interesting that it claims my account name exists at *every* site although the sites themselves say otherwise...
I know I've been somewhat prolific about registering accounts at sites for the past few years, but the sites on namechk's list disagree with the application.
gmerin
@Oranges w/ Cheese: I'd hardly call it HUUUUUUGE. It is one of the lowest barriers to securing a site. It is only a minor risk if people have chosen pathetically weak passwords. http://musashi007.blogspot.com/2009/03/personal-online-security.html http://lifehacker.com/5042616/five-best-password-managers Other issues depend on whether the site allows unlimited retries - easier to brute force. So there are plenty of other tricks that a site designer/developer security professional can do to mitigate this. Furthermore, the problem isn't caused by Name Chck. They simply use the publicly accessible "create new user" functions of the sites and see what they return. Any hacker can do that by going to each site individually themselves, or even writing their own scripts to do just that - not rocket science. No one wants to trade usability for some perceived security non-risk.
KarenaOgygus
Another tool: http://webidenter.com
BertonPers?phonÂ
This isn't very reliable. I just typed in a string of gibberish ("fdkjhlkajhfahea") and it said it was taken at bebo, eBay, Good Reads, and YouTube.
Jordan117
ummmm, I put in "fieanmdkls" and it's taken everywhere.... somehow I doubt that?
@VenomIreland is good at KZ2, is momentarily pleased.:
Can you clarify? Do you have accounts it is not identifying or is it identifying accounts "incorrectly".
jupiterthunder
@VenomIreland is good at KZ2, is momentarily pleased.:
Yeah I can count at least 7 accounts it is missing
Richie Heimbrock
@Jordan117:
That actually isn't that surprising to me.
jupiterthunder
@mfusion:
LOL you actually do that? That's either very pathetic or ridiculously vain.
Prey521
it seems like there is an italian dude who seems to share gymtonic with me, which seems normal as when i sign up to lots of sites gymtonic is usually taken with an italian 30-something male.
mr italian 30somethingmale, icanhazgymtonicplz?
gymtonic
@arienh4: Normally? I use email, which they would have to know in advance + have access to. If they're phishing for usernames to crack and then get info, it isn't quite so easy. I don't know - that's just what I was taught to do as basic security.
OK this thing sucks...every name i type in, no matter what comes up as taken on everything
Donut
@Michael Bauser:
"And what exactly am I supposed to do AFTER using Namechk?" Just wait for phase 2 ...
Andy Edinborough
Server overloads were causing false-positives to pop up. It's fixed now.
Andy Edinborough
@polobunny:
Agreed--awful. We won't be doing this.
Andy Edinborough
@Oranges w/ Cheese:
It's not a security risk because all the information used to check availability is public. If someone is trying to find other places that your username is taken, because you're specifically trying to hack their accounts, it's far easier to just do a google search.
Andy Edinborough
@VenomIreland is good at KZ2, is momentarily pleased.:
I've disabled those sites until they can be diagnosed and fixed. They will likely be renabled tonight.
Andy Edinborough
@Oranges w/ Cheese:
That is the point. It is extremely basic security.
If I wanted to hack your Life Hacker account, I already know your username! It's not exactly a state secret. :-)
Not what I'd call a HUUUUUUGE security risk.
Life Hacker Account vs Banking Account is another matter...
Social Networking sites are designed to have low threshold to entry - if they start making things too complex to get an account, it will reduce traffic to their site.
They may make recommendations of good password practices, but few will enforce them. Users need to take some responsibility, too.
Musashi007
@Andy Edinborough: I don't think it is, you know. Still showing anything I type as taken everywhere.
olliebean
@t1t0: Hey, that wasn't narcissism, that was efficiency. I don't always have time to bless you people with two witty, original, life-changing rants in one day!
Besides, if all the tech blogs are going to recycle the same story today, they should expect some recycled comments.
@Bruwinged: Not only that but it's complete BULLSHIT.
I first put in this name and ALL said TAKEN. ok...
So then I put in a ton of random characters by keymashing (like 3i4nprnf0s9hjnpi2tgwwpjo).
ALL SAID TAKEN.
So, I call shenanigans.
ribex
@olliebean: Same.
ribex
@gmerin: This site is BS. You can put in something like 23kn4rwf0s8ino4wrf0sinp and it will say TAKEN at every site.
ribex
@projectvirus: Site. It's site.
ribex
@projectvirus: see, and someone called me pathetic of vain for doing just that.
mfusion
@Prey521: i just want to protect my identity. if you jump onto sites first, then people cannot impersonate you.
so i think that i've answered both statements right there.
mfusion
@Michael Bauser:
After you kill all the other Michael Bausers, you get to be super powerful...like Jet Li in The One. THAT is what namechk is for.
kftgr
@ribex: Seems useful to me, and that could because the site got knocked down, it was acting weird.
@ribex: haha, funny
Bruwinged
Even my favorite "vnhsygtts54whjtkerts" is taken - at every site! Wow.
GBMax
I'm turning up false negatives -- it's telling me that my username is available at places where I actually have accounts using that name. Some are correct, but many (Facebook, for one) are not.
SanchayaQuintus
The bogus false positives have indeed been fixed. It now reports "Error!" on all sites.
GBMax
@GBMax: Same here.
olliebean