Difference between revisions of "How it works"

From PasswordMaker
Jump to navigationJump to search
Line 5: Line 5:
 
Although one-way hash algorithms have a number of interesting characteristics, the one capitalized on by PasswordMaker is that the resulting hash (password) "does not reveal anything about the input (your <i>master password</i>) that was used to generate it." [http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest]  
 
Although one-way hash algorithms have a number of interesting characteristics, the one capitalized on by PasswordMaker is that the resulting hash (password) "does not reveal anything about the input (your <i>master password</i>) that was used to generate it." [http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest]  
  
In other words, if someone has one or more of your generated passwords, it is ''<i>computationally infeasible</i>'' for him to derive your master password or to calculate your other passwords. [http://www.certifyit.com/_Definitions.htm Computationally infeasible] means even computers [http://krone.physik.unizh.ch/~stadel/zBox/ like this] won't help!  
+
In other words, if someone has one or more of your generated passwords, it is ''<i>computationally infeasible</i>'' for him to derive your master password or to calculate your other passwords. [http://www.certifyit.com/_Definitions.htm Computationally infeasible] means even computers [http://krone.physik.unizh.ch/~stadel/zBox/ like this] won't help!
  
 
Security features offered by the Browser Extension version of PasswordMaker - such as the ability to automatically insert generated passwords into a web sites' password box, helps protect you from [http://en.wikipedia.org/wiki/Keystroke_logging key-loggers] and/or [http://en.wikipedia.org/wiki/Trojan_horse_(computing) trojan horses] that some [http://en.wikipedia.org/wiki/Black_hat <i>Black Hats</i>] use to try to steal passwords. For more details, visit the [[FAQ]].
 
Security features offered by the Browser Extension version of PasswordMaker - such as the ability to automatically insert generated passwords into a web sites' password box, helps protect you from [http://en.wikipedia.org/wiki/Keystroke_logging key-loggers] and/or [http://en.wikipedia.org/wiki/Trojan_horse_(computing) trojan horses] that some [http://en.wikipedia.org/wiki/Black_hat <i>Black Hats</i>] use to try to steal passwords. For more details, visit the [[FAQ]].

Revision as of 16:29, 30 August 2007

You provide PasswordMaker two pieces of information: a master password -- that one, favorite password you like -- and the URL of the website requiring a password (for internet applications without URLs, such as instant messaging, you can make up any URL you like; e.g., aolinstantmessenger.com).

Through the magic of one-way hash algorithms, PasswordMaker calculates what is known as a digital fingerprint - or hash - which can then be used as your password for the website.

Although one-way hash algorithms have a number of interesting characteristics, the one capitalized on by PasswordMaker is that the resulting hash (password) "does not reveal anything about the input (your master password) that was used to generate it." [1]

In other words, if someone has one or more of your generated passwords, it is computationally infeasible for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers like this won't help!

Security features offered by the Browser Extension version of PasswordMaker - such as the ability to automatically insert generated passwords into a web sites' password box, helps protect you from key-loggers and/or trojan horses that some Black Hats use to try to steal passwords. For more details, visit the FAQ.

What About Portability?

For times when you must use non-Firefox browsers or can't install Firefox extensions, there's an online version which mimicks the extension and works in all browsers new and old. No downloads or installations are required. Additionally, stand-alone versions for desktops, mobile phones, and PDAs are coming shortly.