Editing PasswordMaker:About

From PasswordMaker

Jump to: navigation, search

Warning: The database has been locked for maintenance, so you will not be able to save your edits right now. You may wish to cut-n-paste the text into a text file and save it for later.

The administrator who locked it offered this explanation: It appears something is broken, so the wiki is in Read Only Mode until the attack is blocked, or an up to date version of the wiki is installed

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Current revision Your text
Line 1: Line 1:
== The Problem ==
== The Problem ==
-
 
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.
== Existing Solutions ==
== Existing Solutions ==
-
 
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet?] Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database.
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet?] Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database.
== Our Solution ==
== Our Solution ==
-
 
PASSWORD'''MAKER''' solves all of these issues. It is a small, lightweight, free, extension for Internet Explorer, [http://www.mozilla.org/products/firefox/ Firefox], [http://www.mozilla.org/products/mozilla1.x/ Mozilla], [http://www.netscape.com/ Netscape], [http://www.flock.com/ Flock], and [http://widgets.yahoo.com/ Yahoo! Widgets] which creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.
PASSWORD'''MAKER''' solves all of these issues. It is a small, lightweight, free, extension for Internet Explorer, [http://www.mozilla.org/products/firefox/ Firefox], [http://www.mozilla.org/products/mozilla1.x/ Mozilla], [http://www.netscape.com/ Netscape], [http://www.flock.com/ Flock], and [http://widgets.yahoo.com/ Yahoo! Widgets] which creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.
== How It Works ==
== How It Works ==
-
 
You provide PASSWORD'''MAKER''' two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PASSWORD'''MAKER''' calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PASSWORD'''MAKER''' is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it."[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest] In other words, if someone has one or more of your generated passwords, it is computationally infeasible for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [http://krone.physik.unizh.ch/~stadel/zBox/ like this] won't help!
You provide PASSWORD'''MAKER''' two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PASSWORD'''MAKER''' calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PASSWORD'''MAKER''' is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it."[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest] In other words, if someone has one or more of your generated passwords, it is computationally infeasible for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [http://krone.physik.unizh.ch/~stadel/zBox/ like this] won't help!
== What About Portability? ==
== What About Portability? ==
-
 
For times when you must use non-Firefox browsers or can't install Firefox extensions, there's an [http://passwordmaker.org/passwordmaker.html online version] which mimicks the extension and works in all browsers new and old. No downloads or installations are required. Additionally, stand-alone versions for desktops, mobile phones, and PDAs are coming shortly.
For times when you must use non-Firefox browsers or can't install Firefox extensions, there's an [http://passwordmaker.org/passwordmaker.html online version] which mimicks the extension and works in all browsers new and old. No downloads or installations are required. Additionally, stand-alone versions for desktops, mobile phones, and PDAs are coming shortly.

Please note that all contributions to PasswordMaker may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see PasswordMaker:Copyrights for details). Do not submit copyrighted work without permission!


Cancel | Editing help (opens in new window)
Personal tools
Toolbox

Donations / Expenses