Domain: wijjo.com
Stories and comments across the archive that link to wijjo.com.
Comments · 12
-
Re:no
You're looking for Password Hasher and if you're not on your own computer the demo page will work in (nearly) any browser.
In case you (or someone else) doesn't click it, if you use your UID as the passphrase and "slashdot" as the site tag you get "i0+v+dXNbzPpvpW177NeV9eYnK" at my default settings of 26 characters, upper, lower, numbers and symbols.
For remembering just your UID. How simple is that?
To bump it up and alter the password completely when you change it there is a button that will change "slashdot" to "slashdot:1" - a change that is remembered by your browser, or can be written in a text file as a reminder because that isn't sensitive information.
This is not perfect security but it would go a long way to making identity theft and account hijacking harder if everyone showed their mother and their kids how to use this simple piece of code. They could go on using that one stupid password that is the only thing they can remember but be secure from rainbow tables and GPUs for a few years. -
Re:no
You're looking for Password Hasher and if you're not on your own computer the demo page will work in (nearly) any browser.
In case you (or someone else) doesn't click it, if you use your UID as the passphrase and "slashdot" as the site tag you get "i0+v+dXNbzPpvpW177NeV9eYnK" at my default settings of 26 characters, upper, lower, numbers and symbols.
For remembering just your UID. How simple is that?
To bump it up and alter the password completely when you change it there is a button that will change "slashdot" to "slashdot:1" - a change that is remembered by your browser, or can be written in a text file as a reminder because that isn't sensitive information.
This is not perfect security but it would go a long way to making identity theft and account hijacking harder if everyone showed their mother and their kids how to use this simple piece of code. They could go on using that one stupid password that is the only thing they can remember but be secure from rainbow tables and GPUs for a few years. -
Re:Password Hasher
Are you going to check back AC?
Password Hasher lets you "bump" the password. Adding ":1" on the first bump, incrementing it each time.
Passes can be restricted to being digits only and special characters can be disallowed. Characters generated range from 4 to 26.
This page uses JavaScript to do the same thing as the extension so is completely portable. All you have to remember is how you choose a site tag (typically slashdot for this site, although you can use slashdot.org if you're doing it automatically, or anything else if you want to be left field) and your passphrase. -
Re:Password Hasher
Password Hasher could happily provide you with 26 character strong passwords without the hassle of remembering them.
RTFS. They all have different password requirements. Many sites don't even let you enter 26 characters. Some sites require that you change the password periodically. Password hashing schemes simply do not work.
-
Password Hasher
Password Hasher could happily provide you with 26 character strong passwords without the hassle of remembering them.
-
Re:Do not use standard passwords
Have you ever heard of Password Hasher?
Mine defaults to even for sites that I'll never visit again I have as standard 26 character upper, lower and symbol passwords that I don't have to remember. All I need to know is the passphrase, something like "0nLy 1 Know Thi$ pA$$phrase!" or "mmm pizza". Makes no odds, you still get a 26 char PW that has Ul$ in it.
I know a lot of people don't use Firefox, but this really is a killer extension. -
Re:it is not unusual to forget passwordsThere is a lovely button on Password Hasher that will give you a completely new password by incrementing the base word for your pass by 1.
IE if your word is "slashdot" then pressing the button would yield "slashdot:1" and on the next press "slashdot:2".
When you enter your pass phrase "secret passphrase" with these three iterations you come up with drastically different passwords.
Hashing those three with that passphrase gives:
"o8lrua7x0JkLD/OJXfS8X0GFy0"
"13gagdDwWhBIDFnZvcvTf+lOs4"
"fss5ShpkRzNz3+FGa7qvWqwg9K"When it's that convenient why should changing passwords be a myth?
Admittedly I change my ssh key, WiFi key and a few critical site passwords two or three times a year, but I'm insane. Normal people could manage to update theirs regularly if they bothered to take passwords even remotely seriously. -
Re:Xmarks, KeePass and Encrypted Zip combination
I do something not far off from this, but replace the Xmarks synchronization thing with the portability of the firefox password hasher extension.
1. about the same, make a long master password.
2. use the fiirefox Password Hasher extension: http://wijjo.com/PasswordHasher . It makes a hash using your master password with a site tag to come up with an individual password for each site you're on. So each site doesn't know the password for any other site, and you can either use the extension, or an html file (which calculates the hash with javascript) + copy/paste in order to get the password for any site, portably. -
Re:RTFS
I think this is the extension you are looking for: PasswordHasher. It creates a hash from your master password and the base domain, has options for excluding special symbols from the hash and integrates nicely with the password fields.
If the guy who wrote is your friend, give him my best. What I like the most about this hasher is that it's also available in a standalone html file, which helps when you need to login from a computer without the extension installed. You can host the file yourself, but since it's written in javascript, there's no need to (hashing is done locally). -
Re:RTFS
I think this is the extension you are looking for: PasswordHasher. It creates a hash from your master password and the base domain, has options for excluding special symbols from the hash and integrates nicely with the password fields.
If the guy who wrote is your friend, give him my best. What I like the most about this hasher is that it's also available in a standalone html file, which helps when you need to login from a computer without the extension installed. You can host the file yourself, but since it's written in javascript, there's no need to (hashing is done locally). -
Re:Hmmm..
Ah I see what you mean, mozilla is behind the times again.
The Firefox3 compatible version can be installed from the Password Hasher Homepage. -
Re:Server
Have a look at Passhash add-on for firefox. You only need to remember a single strong master password; the add-on generates different passwords for each site, according to their URL (or site tag).
In cases where the add-on is not locally available, there is a static html page with javascript with the same functionality, that you can host on your home server.