|
.gif)
Most users have accounts on a large number of web sites.
Today, they have a choice of one password for all sites or
a different password for each site. Neither choice is
attractive. This tool produces a different password for
each site from a single password provided by the account
holder.
The screen shot shows a typical use. The user types a
hard to guess password into the first field and an easy to
remember name for the site being accessed. The tool
computes a password to be used for that site. In this
example, the hard to guess password is qwerty.
You should pick a very strong master password, 10 or more
characters that include numbers and special characters.
You can protect yourself further by appending your userid to
the site name, e.g., "amazon, joe@jones.com".
Downloads:
Technical
Report
Python version
Windows executable
The source for the Windows version
A PHP version provided by Gérard Ernaelsten
A Tk version provided by Neil Madden that remembers your
site names
A JavaScript version
There are a number of extensions that can be made. For
example, a pull down menu for site names would be nice.
Versions have been written for PocketPC, Palm, and Nokia
EPOC cell phones in J2ME. There is also a Java applet and a
console version for *nix. Each of these needs improving
before distributing it. If you're interested, contact me.
Versions were produced by the following people:
Alan Karp - Python
Ren Wu - Windows
Kevin Smathers - *nix
Bill Serra - PocketPC
John Schettino - Palm, Nokia, Java Applet
YanQiQi has produced a similar tool called
SuperPassword,
which is available for free. Unfortunately, the algorithm
used in that tool is not portable.
Paul Johnson has produced a bookmarklet
that uses MD5. However, the resulting passwords consist
of only 8 lower case characters and integers. It appears
that the binary to ASCII conversion is something other
than Base64.
|
printable version
.gif){kind=small}
