https://passwordmaker.org/api.php?action=feedcontributions&user=141.162.101.50&feedformat=atomPasswordMaker - User contributions [en]2024-03-28T10:03:22ZUser contributionsMediaWiki 1.35.14https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced&diff=1304Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced2008-08-13T22:43:25Z<p>141.162.101.50: Reformatted & reworded</p>
<hr />
<div>==Advanced Options: Accounts Tab==<br />
<br />
[[Image:Advanced_options-1+.png|Accounts Tab]]<br />
<br />
The left side of the ''Advanced Options'' window is identical to the Basic Options dialog, with the exception/addition of the 'Master Password Hash' feature.<br />
<br />
===1. Menus===<br />
<br />
The functionality provided by the menus is easily ascertained by simply looking at them, but the most important to note is the ''File'' menu, that allows you to:<br />
* Import Settings<br />
* Export Settings<br />
* Print Settings<br />
When Printing your ''settings'', you have the option of including the ''generated passwords'' for your local and remote accounts, but be aware - you will be prompted for your ''master password'' for each and every ''account'', so if you have a lot, this could be time-consuming and confusing.<br />
<br />
'''ToDo:''' This dialog/process needs a 'Cancel' option...<br />
<br />
===2. Master Password Hash===<br />
<br />
The ability to store the ''master password hash'' is a powerful and convenient feature that allows you to verify that the ''master password'' you enter when prompted via the ''master password prompt'' pop-up window is the same one that was used when you generated the ''password'' for the account in question. Here is how it works:<br />
<br />
'''ToDo:''' Add ''how it works'' here<br />
<br />
The fact that you can enter the '''wrong''' ''master password'' is actually indicative of a very subtle yet powerful feature of PasswordMaker that you may not yet have grasped:<br />
* '''there is nothing preventing you from using more than one ''master password'' '''<br />
Using more than one ''master password'' can add greatly to the security provided by PasswordMaker, but doing so also adds a level of complexity that can be confusing. If you choose to do this, you should take some time and define precisely how you will implement it. See '''[[Firefox_/_Gecko#Multiple_Master_Passwords_How-to|this tip]]''' for a scenario that will clarify this issue, and will enable you to easily create your own, unique method.<br />
<br />
* "I use more than one master password" - Because of the way PasswordMaker works, a mechanism for dealing with whether or not you are using a single ''master password'' had to be provided, and is currently implemented with this option.<br />
<br />
:Here is how it works:<br />
<b><br />
:* If it is unchecked, PasswordMaker will use a 'global hash' for all accounts<br />
:* If it is checked, PasswordMaker will use the account-specific hash, if it has been stored</b><br />
<br />
:PasswordMaker will not attempt to verify the master password if:<br />
<b><br />
:* It is unchecked and the master password global hash has not been stored on disk (1.6 behavior), or<br />
:* It is checked but the selected/triggered account has no hash stored on disk<br />
</b><br />
<br />
:You can safely switch between the two 'modes' - meaning, you can safely check and uncheck this option - as doing so does not delete any of the Hashes that have been stored, e.g.:<br />
:* if you uncheck this option after having saved some account specific ''master password'' hashes, and a Global Hash has been stored, it will be used instead of the ''account'' specific hash<br />
:* if no Global Hash has been stored, it will do nothing<br />
:* if you then re-enable this option, the individual Account Hashes that have been stored will again be used<br />
<br />
* Hash status - This indicator simply tells you whether or not the ''master password hash'' has been stored for the selected ''account'' or not. The possible states, which should be self-evident, are:<br />
::* Not stored on disk<br />
::* Doesn't Match<br />
::* Matches<br />
<br />
'''Suggested ToDo:''' Simplify the GUI for this even further by changing it to this:<br><br />
[[Image:New_hash_gui.png]]<br><br />
The button label would be contextual - meaning, it would change between ''Store'' and ''Clear'', depending on whether the Selected Account has its ''master password hash'' already stored or not.<br />
<br />
* Store / Clear Master Password Hash -<br />
<br />
===3. Make Selection Selector===<br />
<table><tr align="left"><td valign="top" width="600"><br />
The ''select box'' allows you to work with your ''Groups'' and ''Accounts''. All of these actions are also available from the ''context menu''.<br />
<br />
When the Accounts tab is selected, there are four buttons directly beneath the tabs. Initially, the only entry shown in the Name column is the Default Options account. The only two buttons that are activated/clickable are the New Group and the Settings buttons.<br><br />
'''New Group''' This button is used to set up a new group -- a container for accounts. When clicked, a dialog is displayed asking for the Folder/Group Name and description. Upon completion of this dialog, the newly-created folder is displayed in the Account Settings dialog along with its description (if one was supplied).<br><br />
'''New Account''' When a group is selected, the New Account button is activated/clickable. This button allows you to define custom password-generation settings for specific URLs that should be handled differently than all other ("default") URLs. When the button is pressed, a New Account entry is created and the [account-settings.xhtml Account-Specific Settings] dialog is displayed.<br><br />
'''Delete Selection''' As the name indicates, this button deletse the selected account or the selected group. Use caution here, however. If a group is deleted, all the accounts within that group are also deleted. You are prompted for confirmation before anything is deleted.<br><br />
'''Settings''' When the Settings button is pressed or an account is double-clicked, the PasswordMaker [account-settings.xhtml Account-Specific Settings] dialog is displayed. This dialog allows you to define custom password-generation settings for the selected account; for example, how long the password should be for your email account at gmail.com.</td><br />
<td valign="top"><br />
[[Image:Make_selection.png]]<br />
</td></tr></table><br />
<br />
===4. ''Defaults'' settings===<br />
<br />
===5. Custom Account Group===<br />
<br />
<br />
<br />
===6. Custom Account===<br />
<br />
<br />
<br />
==Advanced Options: Global Settings Tab==<br />
<br />
[[Image:advanced_options-2+.png|Global Settings Tab]]<br />
<br />
Here you'll define settings which apply to all of PasswordMaker. Currently, there are seven checkboxes and one drop-down:<br />
<br />
*1. Mask Generated Password - when checked, generated passwords are masked with asterisks so that they are not legible to the casual observer<br />
*2. '''Hide Master Password Field (number of asterisks)''' This option causes the master password box to be completely concealed, thereby disabling the casual observer to determine the password length by counting asterisks<br />
*3. Confirm ''master password'' by typing it twice - <br />
*4. Show all passwords on web pages as clear text - <br />
*5. Enable auto-complete on pages that disable it - (todo: describe why this is valuable)<br />
*6. Auto-clear clipboard ''n'' seconds after copying it there - this security feature prevents you from having to remember to clear the clipboard of generated passwords. If checked, the clipboard is automatically cleared ''n'' seconds after pressing the Copy to Clipboard button, where ''n'' is the value entered in the associated input field. However, before clearing the clipboard, PasswordMaker checks that nothing else has been copied there since the generated password. If something has been copied there since then, the clipboard contents are not cleared. This prevents other data in the clipboard from being overwritten<br />
*7. Show status-bar indicator - <br />
*8. Action to take when coolkey (or ALT-`) is activated - the four options are:<br><br />
[[Image:Coolkey_actions.png|Coolkey Actions]]<br><br />
::1. ''Do nothing,'' which means ... do nothing<br />
::2. ''Populate all fields,'' which means that all fields will be populated (todo: clearly PasswordMaker doesn't populate '''all''' fields, so describe this better)<br />
::3. ''Populate empty fields only,'' which means that only empty password fields will be populated<br />
::4. ''Clear all fields,'' which means all the fields on the web page will be cleared<br />
<br />
==Upload / Download Tab==<br />
<br />
<br />
<br />
==Special Domains Tab==<br />
<br />
[[Image:button.jpg|l33t]]<br><br />
Some domains mandate the use of subdomains. The most common examples of this are [http://en.wikipedia.org/wiki/CcTLD ccTLD]s (country code top-level domains), such as .uk. A domain in .uk never exists without a [http://en.wikipedia.org/wiki/Second-level_domain SLD] (second-level domain), such as .co.uk.<br />
<br />
Some domains even require third-level domains; for example, government departments in Australia must include a regional subdomain (e.g., .nsw for New South Wales) followed by .gov.au. In other words, government departments in New South Wales, Australia, must be in the .nsw.gov.au domain.<br />
<br />
Finally, some countries issue domain names in both their ccTLD '''''and''''' in SLDs. Japan is an example: their ccTLD is .jp. They issue domains in both .jp and .co.jp. (see [http://jprs.jp/ http://jprs.jp] and [http://jprs.jp/ http://jprs.co.jp]).<br />
<br />
With the myriad possibilities for required subdomains, PasswordMaker can't account for them all. It includes some common ones -- the list of which grows from release to release (the ''default'' list). However, you are free to add/remove your own using the '''Special Domains Dialog'''. Your customizations to the special domains list are exported when using the '''Export Preferences''' feature, and imported when using the '''Import Preferences''' feature (providing the file being imported contains special domains). In this way, you can easily transfer customized lists to other PasswordMaker installations.<br />
<br />
===Account Settings===<br />
<br />
====URLs Tab====<br />
<br />
PasswordMaker uses what are called URL patterns to detect when you are on a page for a particular account that you have specified.<br />
<br />
'''<SPAN style="color: red;">Important</SPAN>''': The pattern(s) you define should be secure and specific enough to avoid false positives and prevent phishing attacks.<br />
<br />
PasswordMaker supports two types of patterns: ''wildcard'' and ''regular expression''.<br />
<br />
=====Wildcard Patterns=====<br />
<br />
''Wildcards'' are pervasive throughout computing; you've most likely seen them before. The asterisk (<TT>*</TT>) represents zero or more characters and the question mark (<TT>?</TT>) any ''single'' character in the URL to match. In Unix, this is referred to as globbing. These wildcard characters are often used for matching filenames.<br><br />
<br />
Here are some examples:<br />
<br />
<PRE>*.yahoo.com/*</PRE><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Matches'''<br />
<br />
Everything in Yahoo's domain<br />
</td><br />
<td valign="top"><br />
<br />
'''Non-Matches'''<br />
<br />
http://mail.google.com/<br />
</td></tr></table><br />
<br />
<PRE>*mail.yahoo.com*</PRE><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Matches'''<br />
<br />
http://mail.yahoo.com/<br />
https://1.mail.yahoo.com.spoof.net/<br />
http://mail.yahoo.com/clownshoes/<br />
http://mail.yahoo.com/inbox/123.html<br />
ftp://mail.yahoo.com<br />
</td><br />
<td valign="top"><br />
<br />
'''Non-Matches'''<br />
<br />
http://maps.yahoo.com<br />
</td></tr></table><br />
<br />
<PRE>http://??.wikipedia.org/wiki/Clown</PRE><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Matches'''<br />
<br />
http://en.wikipedia.org/wiki/Clown<br />
http://de.wikipedia.org/wiki/Clown<br />
http://cs.wikipedia.org/wiki/Clown<br />
</td><br />
<td valign="top"><br />
<br />
'''Non-Matches'''<br />
<br />
https://en.wikipedia.org/wiki/Clown<br><br />
http://de.wikipedia.org/wiki/Clown/<br><br />
ftp://en.wikipedia.org/wiki/Clown<br><br />
</td></tr></table><br />
<br />
<PRE>http://digg.com/</PRE><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Matches'''<br />
<br />
http://digg.com/<br />
</td><br />
<td valign="top"><br />
<br />
'''Non-Matches'''<br />
<br />
http://digg.com<br><br />
http://www.digg.com/<br />
</td></tr></table><br />
<br />
<PRE>*://*.asimov.???/*</PRE><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Matches'''<br />
<br />
ftp://ftp.asimov.net/<br><br />
ftp://ftp.asimov.com/theory.html<br><br />
http://bear.asimov.net/mom/<br><br />
https://isaac.asimov.org/hercules<br><br />
gopher://asimov.net/<br />
</td><br />
<td valign="top"><br />
<br />
'''Non-Matches'''<br />
<br />
ftp://ftp.asimov.co.uk<br><br />
http://isaac.home.com/tin.php<br />
</td></tr></table><br />
<br />
<PRE>*</PRE><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Matches'''<br />
<br />
(Matches everything)<br />
</td><br />
<td valign="top"><br />
<br />
'''Non-Matches'''<br />
</td></tr></table><br />
<br />
=====Regular Expression Patterns=====<br />
<br />
''Regular expressions'' are also pervasive throughout computing, although they are sometimes considered an advanced topic. Regular expressions are like "wildcards on steroids" because they are more powerful and flexible, but their goal is similar to wildcards: define a means with which to match arbitrary text.<br />
<br />
For those already familiar with regular expressions, PasswordMaker adheres to the [http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Guide:Regular_Expressions JavaScript 1.5 regular expression] syntax. When in doubt, refer to this guide. Do not surround regular expressions with forward slashes like this: /abc/<br />
Further Reading<br />
<br />
Entire books have been written about regular expressions, so rather than discuss them here, we refer you to some free, valuable on-line resources which teach everything you need to know about them. This list is by no means concise, and we have no affiliation with these resources.<br />
<br />
* [http://www.regular-expressions.info/ Regular Expression Tutorial and Reference] - One of the most comprehensive, free regular expression tutorials on the net.<br />
* [http://regexadvice.com/ RegexAdvice.com] - Forums and blogs dedicated to regular expressions.<br />
* [http://www.regexlib.com/ Regular Expression Library] - Currently contains over 1000 expressions from contributors around the world.<br />
* [http://etext.lib.virginia.edu/services/helpsheets/unix/regex.html Using Regular Expressions] - Brief introduction to regular expressions<br />
* [http://regexlib.com/cheatsheet.aspx Regular Expression Cheat Sheet] - A one page printable reference for regular expressions<br />
* [http://rudd-o.com/projects/wp-search-replace/wp-search-replace-regexptut/ Regular expressions: a short tutorial] - A five-minute tutorial on how to learn the most useful regular expressions<br />
* [http://wiki.castlecops.com/A_list_of_Regex_topics A List of Regex Topics] - Wiki with various topics about regular expressions.<br />
* [http://www.regex.info/ Mastering Regular Expressions] - Official website for Jeffrey Friedl's book.<br />
* [http://www.regenechsen.de/phpwcms/index.php?regex_englisch Regenechsen] - Beginners regular expression tutorial with exercises.<br />
<br />
Thanks, Wikipedia.<br />
<br />
Of course, you can always ask for regular expression advice in the the [http://forums.passwordmaker.org PasswordMaker Forums].<br />
<br />
===Context Menu===<br />
<br />
===Menu===</div>141.162.101.50https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced&diff=1303Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced2008-08-13T22:19:21Z<p>141.162.101.50: Added todo's and italics</p>
<hr />
<div>==Advanced Options: Accounts Tab==<br />
<br />
[[Image:Advanced_options-1+.png|Accounts Tab]]<br />
<br />
The left side of the ''Advanced Options'' window is identical to the Basic Options dialog, with the exception/addition of the 'Master Password Hash' feature.<br />
<br />
===1. Menus===<br />
<br />
The functionality provided by the menus is easily ascertained by simply looking at them, but the most important to note is the ''File'' menu, that allows you to:<br />
* Import Settings<br />
* Export Settings<br />
* Print Settings<br />
When Printing your ''settings'', you have the option of including the ''generated passwords'' for your local and remote accounts, but be aware - you will be prompted for your ''master password'' for each and every ''account'', so if you have a lot, this could be time-consuming and confusing.<br />
<br />
'''ToDo:''' This dialog/process needs a 'Cancel' option...<br />
<br />
===2. Master Password Hash===<br />
<br />
The ability to store the ''master password hash'' is a powerful and convenient feature that allows you to verify that the ''master password'' you enter when prompted via the ''master password prompt'' pop-up window is the same one that was used when you generated the ''password'' for the account in question. Here is how it works:<br />
<br />
'''ToDo:''' Add ''how it works'' here<br />
<br />
The fact that you can enter the '''wrong''' ''master password'' is actually indicative of a very subtle yet powerful feature of PasswordMaker that you may not yet have grasped:<br />
* '''there is nothing preventing you from using more than one ''master password'' '''<br />
Using more than one ''master password'' can add greatly to the security provided by PasswordMaker, but doing so also adds a level of complexity that can be confusing. If you choose to do this, you should take some time and define precisely how you will implement it. See '''[[Firefox_/_Gecko#Multiple_Master_Passwords_How-to|this tip]]''' for a scenario that will clarify this issue, and will enable you to easily create your own, unique method.<br />
<br />
* "I use more than one master password" - Because of the way PasswordMaker works, a mechanism for dealing with whether or not you are using a single ''master password'' had to be provided, and is currently implemented with this option.<br />
<br />
:Here is how it works:<br />
<b><br />
:* If it is unchecked, PasswordMaker will use a 'global hash' for all accounts<br />
:* If it is checked, PasswordMaker will use the account-specific hash, if it has been stored</b><br />
<br />
:PasswordMaker will not attempt to verify the master password if:<br />
<b><br />
:* It is unchecked and the master password global hash has not been stored on disk (1.6 behavior), or<br />
:* It is checked but the selected/triggered account has no hash stored on disk<br />
</b><br />
<br />
:You can safely switch between the two 'modes' - meaning, you can safely check and uncheck this option - as doing so does not delete any of the Hashes that have been stored, e.g.:<br />
:* if you uncheck this option after having saved some account specific ''master password'' hashes, and a Global Hash has been stored, it will be used instead of the ''account'' specific hash<br />
:* if no Global Hash has been stored, it will do nothing<br />
:* if you then re-enable this option, the individual Account Hashes that have been stored will again be used<br />
<br />
* Hash status - This indicator simply tells you whether or not the ''master password hash'' has been stored for the selected ''account'' or not. The possible states, which should be self-evident, are:<br />
::* Not stored on disk<br />
::* Doesn't Match<br />
::* Matches<br />
<br />
'''Suggested ToDo:''' Simplify the GUI for this even further by changing it to this:<br><br />
[[Image:New_hash_gui.png]]<br><br />
The button label would be contextual - meaning, it would change between ''Store'' and ''Clear'', depending on whether the Selected Account has its ''master password hash'' already stored or not.<br />
<br />
* Store / Clear Master Password Hash -<br />
<br />
===3. Make Selection Selector===<br />
<table><tr align="left"><td valign="top" width="600"><br />
The ''select box'' allows you to work with your ''Groups'' and ''Accounts''. All of these actions are also available from the ''context menu''.<br />
<br />
When the Accounts tab is selected, there are four buttons directly beneath the tabs. Initially, the only entry shown in the Name column is the Default Options account. The only two buttons that are activated/clickable are the New Group and the Settings buttons.<br><br />
'''New Group''' This button is used to set up a new group -- a container for accounts. When clicked, a dialog is displayed asking for the Folder/Group Name and description. Upon completion of this dialog, the newly-created folder is displayed in the Account Settings dialog along with its description (if one was supplied).<br><br />
'''New Account''' When a group is selected, the New Account button is activated/clickable. This button allows you to define custom password-generation settings for specific URLs that should be handled differently than all other ("default") URLs. When the button is pressed, a New Account entry is created and the [account-settings.xhtml Account-Specific Settings] dialog is displayed.<br><br />
'''Delete Selection''' As the name indicates, this button deletse the selected account or the selected group. Use caution here, however. If a group is deleted, all the accounts within that group are also deleted. You are prompted for confirmation before anything is deleted.<br><br />
'''Settings''' When the Settings button is pressed or an account is double-clicked, the PasswordMaker [account-settings.xhtml Account-Specific Settings] dialog is displayed. This dialog allows you to define custom password-generation settings for the selected account; for example, how long the password should be for your email account at gmail.com.</td><br />
<td valign="top"><br />
[[Image:Make_selection.png]]<br />
</td></tr></table><br />
<br />
===4. ''Defaults'' settings===<br />
<br />
===5. Custom Account Group===<br />
<br />
<br />
<br />
===6. Custom Account===<br />
<br />
<br />
<br />
==Advanced Options: Global Settings Tab==<br />
<br />
[[Image:advanced_options-2+.png|Global Settings Tab]]<br />
<br />
Here you'll define settings which apply to all of PasswordMaker. Currently, there are seven checkboxes and one drop-down:<br />
<br />
*1. Mask Generated Password - when checked, generated passwords are masked with asterisks so that they are not legible to the casual observer<br />
*2. '''Hide Master Password Field (number of asterisks)''' This option causes the master password box to be completely concealed, thereby disabling the casual observer to determine the password length by counting asterisks<br />
*3. Confirm ''master password'' by typing it twice - <br />
*4. Show all passwords on web pages as clear text - <br />
*5. Enable auto-complete on pages that disable it - (todo: describe why this is valuable)<br />
*6. Auto-clear clipboard ''n'' seconds after copying it there - this security feature prevents you from having to remember to clear the clipboard of generated passwords. If checked, the clipboard is automatically cleared ''n'' seconds after pressing the Copy to Clipboard button, where ''n'' is the value entered in the associated input field. However, before clearing the clipboard, PasswordMaker checks that nothing else has been copied there since the generated password. If something has been copied there since then, the clipboard contents are not cleared. This prevents other data in the clipboard from being overwritten<br />
*7. Show status-bar indicator - <br />
*8. Action to take when coolkey (or ALT-`) is activated - the four options are:<br><br />
[[Image:Coolkey_actions.png|Coolkey Actions]]<br><br />
::1. ''Do nothing,'' which means ... do nothing<br />
::2. ''Populate all fields,'' which means that all fields will be populated (todo: clearly PasswordMaker doesn't populate '''all''' fields, so describe this better)<br />
::3. ''Populate empty fields only,'' which means that only empty password fields will be populated<br />
::4. ''Clear all fields,'' which means all the fields on the web page will be cleared<br />
<br />
==Upload / Download Tab==<br />
<br />
<br />
<br />
==Special Domains Tab==<br />
<br />
[[Image:button.jpg|l33t]]<br><br />
Some domains mandate the use of subdomains. The most common examples of this are [http://en.wikipedia.org/wiki/CcTLD ccTLD]s (country code top-level domains), such as .uk. A domain in .uk never exists without a [http://en.wikipedia.org/wiki/Second-level_domain SLD] (second-level domain), such as .co.uk.<br />
<br />
Some domains even require third-level domains; for example, government departments in Australia must include a regional subdomain (e.g., .nsw for New South Wales) followed by .gov.au. In other words, government departments in New South Wales, Australia, must be in the .nsw.gov.au domain.<br />
<br />
Finally, some countries issue domain names in both their ccTLD '''''and''''' in SLDs. Japan is an example: their ccTLD is .jp. They issue domains in both .jp and .co.jp. (see [http://jprs.jp/ http://jprs.jp] and [http://jprs.jp/ http://jprs.co.jp]).<br />
<br />
With the myriad possibilities for required subdomains, PasswordMaker can't account for them all. It includes some common ones -- the list of which grows from release to release (the ''default'' list). However, you are free to add/remove your own using the '''Special Domains Dialog'''. Your customizations to the special domains list are exported when using the '''Export Preferences''' feature, and imported when using the '''Import Preferences''' feature (providing the file being imported contains special domains). In this way, you can easily transfer customized lists to other PasswordMaker installations.<br />
<br />
===Account Settings===<br />
<br />
====URLs Tab====<br />
<br />
PasswordMaker uses what are called URL patterns to detect when you are on a page for a particular account that you have specified.<br />
<br />
It is important that the pattern(s) you define are both secure, and specific enough to avoid false positives and prevent phishing attacks.<br />
<br />
There are two types of patterns that PasswordMaker supports: '''wildcards''' and '''regular expressions'''.<br />
<br />
'''Wildcards'''<br />
<br />
''Wildcards'' are pervasive throughout computing; you've most likely seen them before. The '''asterisk''' (*) substitutes as a ''wildcard'' character for zero or more characters, and the '''question mark''' (?) substitutes as a ''wildcard'' character for any ''single'' character. In Unix, this is referred to as glob expansion.<br><br><br />
<br />
'''Wildcard Examples'''<br><br><br />
<br />
<u>'''URL Pattern:''' *.yahoo.com/*</u><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Some Matches'''<br />
<br />
Everything in Yahoo's domain<br />
</td><br />
<td valign="top"><br />
<br />
'''Some Non-Matches'''<br />
<br />
http://mail.google.com/<br />
</td></tr></table><br><br />
<br />
<u>'''URL Pattern:''' *mail.yahoo.com*</u><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Some Matches'''<br />
<br />
http://mail.yahoo.com/<br />
https://1.mail.yahoo.com.spoof.net/<br />
http://mail.yahoo.com/clownshoes/<br />
http://mail.yahoo.com/inbox/123.html<br />
ftp://mail.yahoo.com<br />
</td><br />
<td valign="top"><br />
<br />
'''Some Non-Matches'''<br />
<br />
http://maps.yahoo.com<br />
</td></tr></table><br><br />
<br />
<u>'''URL Pattern:''' http://??.wikipedia.org/wiki/Clown</u><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Some Matches'''<br />
<br />
http://en.wikipedia.org/wiki/Clown<br />
http://de.wikipedia.org/wiki/Clown<br />
http://cs.wikipedia.org/wiki/Clown<br />
</td><br />
<td valign="top"><br />
<br />
'''Some Non-Matches'''<br />
<br />
https://en.wikipedia.org/wiki/Clown<br><br />
http://de.wikipedia.org/wiki/Clown/<br><br />
ftp://en.wikipedia.org/wiki/Clown<br><br />
</td></tr></table><br><br />
<br />
<u>'''URL Pattern:''' http://digg.com/</u><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Some Matches'''<br />
<br />
http://digg.com/<br />
</td><br />
<td valign="top"><br />
<br />
'''Some Non-Matches'''<br />
<br />
http://digg.com<br><br />
http://www.digg.com/<br />
</td></tr></table><br><br />
<br />
<u>'''URL Pattern:''' *://*.asimov.???/*</u><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Some Matches'''<br />
<br />
ftp://ftp.asimov.net/<br><br />
ftp://ftp.asimov.com/theory.html<br><br />
http://bear.asimov.net/mom/<br><br />
https://isaac.asimov.org/hercules<br><br />
gopher://asimov.net/<br />
</td><br />
<td valign="top"><br />
<br />
'''Some Non-Matches'''<br />
<br />
ftp://ftp.asimov.co.uk<br><br />
http://isaac.home.com/tin.php<br />
</td></tr></table><br><br />
<br />
<u>'''URL Pattern:''' *</u><br />
<br />
<table><tr align="left"><td valign="top" width="345"><br />
'''Some Matches'''<br />
<br />
Matches everything<br />
</td><br />
<td valign="top"><br />
<br />
'''Some Non-Matches'''<br />
</td></tr></table><br><br />
<br />
'''Regular Expressions'''<br />
<br />
''Regular expressions'' are also pervasive throughout computing, although they are sometimes considered an advanced topic. Regular expressions are like "wildcards on steroids" because they are more powerful and flexible, but their goal is similar to wildcards: define a means with which to match arbitrary text.<br />
<br />
For those already familiar with regular expressions, PasswordMaker adheres to the [http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Guide:Regular_Expressions JavaScript 1.5 regular expression] syntax. When in doubt, refer to this guide. Do not surround regular expressions with forward slashes like this: /abc/<br />
Further Reading<br />
<br />
Entire books have been written about regular expressions, so rather than discuss them here, we refer you to some free, valuable on-line resources which teach everything you need to know about them. This list is by no means concise, and we have no affiliation with these resources.<br />
<br />
* [http://www.regular-expressions.info/ Regular Expression Tutorial and Reference] - One of the most comprehensive, free regular expression tutorials on the net.<br />
* [http://regexadvice.com/ RegexAdvice.com] - Forums and blogs dedicated to regular expressions.<br />
* [http://www.regexlib.com/ Regular Expression Library] - Currently contains over 1000 expressions from contributors around the world.<br />
* [http://etext.lib.virginia.edu/services/helpsheets/unix/regex.html Using Regular Expressions] - Brief introduction to regular expressions<br />
* [http://regexlib.com/cheatsheet.aspx Regular Expression Cheat Sheet] - A one page printable reference for regular expressions<br />
* [http://rudd-o.com/projects/wp-search-replace/wp-search-replace-regexptut/ Regular expressions: a short tutorial] - A five-minute tutorial on how to learn the most useful regular expressions<br />
* [http://wiki.castlecops.com/A_list_of_Regex_topics A List of Regex Topics] - Wiki with various topics about regular expressions.<br />
* [http://www.regex.info/ Mastering Regular Expressions] - Official website for Jeffrey Friedl's book.<br />
* [http://www.regenechsen.de/phpwcms/index.php?regex_englisch Regenechsen] - Beginners regular expression tutorial with exercises.<br />
<br />
Thanks, Wikipedia.<br />
<br />
Of course, you can always ask for regular expression advice in the the [http://forums.passwordmaker.org PasswordMaker Forums].<br />
<br />
===Context Menu===<br />
<br />
===Menu===</div>141.162.101.50https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted&diff=1302Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted2008-08-13T21:35:18Z<p>141.162.101.50: Major rewrite</p>
<hr />
<div><table><tr align="left"><td valign="top" width="345"><br />
__TOC__</td><br />
<td valign="top"><br />
This edition of PasswordMaker is a small, lightweight, free (licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source license), extension for many of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
<br />
It creates unique, secure passwords that are very easy for you, and no one else, to create and use. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.<br />
<br />
Much of the following information is applicable '''only''' to the 1.7.x versions of PasswordMaker. If you are using an older version, please [https://addons.mozilla.org/en-US/firefox/addon/469 upgrade], and then come back here to learn how to take advantage of all of the unique and powerful features PWM has to offer.<br />
<br />
<br />
<br />
<br />
'''The [http://passwordmaker.org/Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced Advanced Usage] page still needs a bit of work, but for all intents and purposes, the wiki is now considered stable enough for anyone and everyone to start adding to it.'''<br />
</td></tr></table><br />
<br />
==First Things First==<br />
<br />
In order to prevent some of the most common errors - and to save you a lot of confusion and frustration - you are strongly encouraged to read this entire page, along with the [[Faq|FAQ]], at least once prior to attempting to use PasswordMaker.<br />
<br />
===Precautions and Caveats===<br />
<br />
PasswordMaker has two different 'modes' that it can operate in - ''Basic'', and ''Advanced''.<br />
<br />
Using PasswordMaker in ''Basic'' mode (using only the ''Basic Options'') is very secure, and is the recommended way to start out, but there are certain things you should understand in order to avoid problems - the most common of which is locking yourself out of one of your online accounts.<br />
<br />
With this in mind, it is best to:<br />
*be sure that you have defined an alternate email address for any important accounts, so you will be able to 'reset' or 'recover' your password in the event that you lock yourself out (this is a good thing to do anyway, whether you use PasswordMaker or not)<br />
*practice a few times on a throw away account, like gmail or yahoo - but the first recommendation still applies<br />
*start out using PasswordMaker in ''Basic'' mode - but first learn the difference between ''Basic'' and ''Advanced'' modes so that you will know if/when you need to switch to the ''Advanced'' mode<br />
<br />
'''Note:''' PasswordMaker is currently unable to populate ''Basic HTTP Auth'' pop-up prompts like this:<br><br />
[[Image:Basic_http_auth.png]]<br />
<br />
===''Basic'' and ''Advanced'' Modes - Differences===<br />
<br />
The main difference between the two modes is primarily one of complexity, in the form of the large number of configuration options. We will get into each in detail below, but for now:<br />
<br />
*PasswordMaker uses the concept of ''Accounts'' to identify a group of ''settings'' that work together to generate a password<br />
<br />
*'''In ''Basic'' mode''', there is only one ''account'' that matters (referred to as the ''Defaults account'') - so, only one group of ''settings'' (referred to as the ''Defaults settings''), that are applied to every site that you log into<br />
- The main advantage of using only the ''Basic'' options is simplicity<br />
<br />
*<b>In ''Advanced'' mode</b><br />
**you can create as many unique ''accounts'' as desired, each of which has its own ''settings'' that are applied only when that account is used<br />
**you must specify the URL(s) that identify each account<br />
**you can specify <b>multiple</b> URLs for any given ''account'', which means:<br />
***PasswordMaker will use the same ''settings'' for all of those ''sites''<br />
***PasswordMaker will generate the same ''password'' for all of those ''sites''<br />
**you can optionally save the ''master password hash'', which is a very convenient and safe way to verify that you have entered the same ''master password'' (when logging into a site) as when you created the password - essentially preventing any ''failed logins''<br />
- The main advantage of using the 'Advanced' options is the ability to customize the way PasswordMaker behaves for different sites/accounts<br />
<br />
===Password Generation - Parameters and Triggers===<br />
<br />
Regardless of which mode you are using, PasswordMaker makes it very easy to generate unique passwords for different sites on demand - and can optionally ''automatically'' detect when you are on a login page - or via a simple keystroke or toolbar button click - prompt you for the ''master password'', and then populate both the username and password fields.<br />
<br />
*The parameters used to generate any given password are:<br />
**the contents of the ''Using Text'' field, which by default is the ''URL components'' you have enabled (the default is to only use the [http://en.wikipedia.org/wiki/Top-level_domain TLD (top-level domain)] - e.g., ''passwordmaker.org''<br />
**the username, if defined<br />
**the ''extended attributes'' as provided, or modified by you<br />
**the ''master password'' used<br />
<br />
*There are two ways PasswordMaker can be ''triggered'' into action:<br />
**manually, using the ''ctrl-`'' key combination, or<br />
**automatically, if the ''Auto-populate'' option is enabled<br />
***if ''Auto-populate'' is '''enabled''' for the ''Defaults account'', it can be selectively '''disabled''' for individual custom ''accounts'', or<br />
***if ''Auto-populate'' is '''disabled''' for the ''Defaults account'', it can be selectively '''enabled''' for individual custom ''accounts''<br />
**if there is no password field detected on the current web page, PasswordMaker will do nothing<br />
<br />
When PasswordMaker is ''triggered'', it compares the currently detected ''URL pattern'' - which consists of only the components enabled in the ''Defaults settings'' - against the defined ''URL patterns'' for all of your custom ''accounts'', and<br />
*if a match is '''not''' found in any custom ''accounts'' that you have defined, then the ''Defaults settings'' will be used<br />
*if only one ''account'' contains a pattern match, the ''Master Password Prompt'' window is opened<br />
*if more than one ''account'' contains a pattern match, the ''Account Selection'' window opens first, allowing you to select which ''Account'' you want to use, and '''then''' the ''Master Password Prompt'' window is opened<br />
<br />
==Installation and Initial Configuration==<br />
<br />
For Firefox, SeaMonkey, Mozilla Suite and Netscape, the installation is done automatically from [https://addons.mozilla.org/en-US/firefox/addon/469 addons.mozilla.org].<br><br />
Beta Releases can be downloaded from [http://passwordmaker.org/beta.html here]<br><br />
Older Releasescan be downloaded from [http://passwordmaker.org/installation2.html here]<br />
<br />
When the installation is complete, a restart of your browser is required to make PasswordMaker available for use. Once you have successfully installed PasswordMaker, there are three ways to open it:<br />
<br />
* the PasswordMaker option from the Tools sub-menu:<br />
[[Image:tools-open.png]]<br />
* the Toolbar icon (golden ring):<br />
[[Image:Toolbar-1.7.gif]]<br />
* the '''&lt;ctrl&gt; `''' shortcut key (almost always above the 'Tab' key) which looks like this on en-US keyboards: [[Image:Tildakey.gif|` - key]]<br />
<br />
For Mozilla and Netscape users, the toolbar icon is installed by default. For Firefox users, the toolbar icon must be manually added by using the "View -&gt; Toolbars -&gt; Customize" menu, and then dragging the golden ring icon on to the toolbar.<br />
<br />
TODO: need Flock installation instructions...<br />
<br />
Once you've installed the extension and configured the Toolbar to your liking, you can ''Open'' PasswordMaker by either clicking on the main toolbar button (the golden ring are presented with the Basic Options screen:<br />
<br />
==Basic Mode / Options==<br />
<br />
[[Image:basic_options-pointers.png]]<br />
<br />
Here we describe the textboxes and buttons on the Basic Options dialog.<br />
<br />
===1. Master Password===<br />
<br />
Your ONE "password to rule them all". This password, when combined with a URL (or whatever text string you choose), hash algorithm, optional l33t-speak, username, and counter, is used to generate unique, site-specific passwords, as explained in the introduction.<br />
<br />
Note: the reference to 'One' ''master password'' is more symbolic than anything, as there is nothing to prevent you from using 2, 5, or as many different ''master passwords'' as you like - although that kind of defeats the purpose of PasswordMaker, which is to make things simpler, right?<br />
<br />
===2. Store Master Password===<br />
<br />
Once you have entered a ''master password'', you can click in this box and be presented with three options:<br />
[[Image:basic-store-mpw-options.png]]<br />
*'''Not at all''' - the master password is not stored anywhere at any time (memory or disk). This is the most secure option, but also the least convenient because you are prompted to enter the master password everytime a password is generated.<br />
*'''In memory''' - the master password is stored encrypted in the browser's memory but not on disk. This option provides a reasonable trade-off between security and convenience. You won't be prompted to enter the master password again until all browser instances have closed (disposing memory contents), and the browser is re-opened. The master password is encrypted in memory so that if it's written to disk by the operating system as part of a swap file/paging file, it can't easily be decrypted.<br />
*'''Store master password on disk and in memory''' - the master password is stored encrypted on the local hard drive and in memory. This option is the least secure, but the most convenient. You won't ever be prompted to enter the master password when using this option. Note: although the encryption used to store the master password is strong, the encryption/decryption key is also stored on your local hard drive. This makes decryption of the master password relatively simple. You should not use this option unless either (a) you are the only person with access to the hard drive, or (b) you are comfortable with the master password possibly being decrypted by others.<br />
<br />
To erase the master password and encryption key from disk and memory, select the '''Not at all''' option, or simply clear the master password field from either the Tools sub-menu or the context menu:<br><br />
[[Image:context-clear-mpw.png]]<br />
<br />
===3. Using Text===<br />
<br />
By default, this shows only the ''URL components'' of the current URL being used to generate the password, but you can change this to anything you want. <br />
<br />
[[Image:basic-using-text.png]]<br />
<br />
===4. Generated Password===<br />
<br />
Here you see the generated password. It'll be shown as plain text, or encrypted depending on your setting in the 'Global Settings' tab. <br />
<br />
[[Image:basic-generated-password.png]]<br />
<br />
===5. Copy Generated Password to Clipboard===<br />
<br />
This button copies the generated password to the clipboard where it remains for the amount of time specified amount in the [[advanced-options.xhtml|Advanced Options]] dialog (10 seconds by default).<br />
<br />
===6. Advanced Options===<br />
<br />
Clicking here will switch to the ''Advanced'' mode/options.<br />
<br />
[[Image:basic-adv-opt.png]]<br />
<br />
===7. Close===<br />
<br />
The ''Close'' button closes the current dialog.<br />
<br />
==Using PasswordMaker In 'Basic' Mode==<br />
<br />
There are three ways that you will use PasswordMaker from this point forward (assuming you stick with it - and please do - it is well worth the effort - once you 'get it', you'll never know how you lived without it):<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Generate_Password_for_a_New_Account|to generate a password for a new account when you are first signing up]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Password_Change_Procedure|to change the password for an existing account]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Log-In_to_an_Existing_Account|to log into an account that you have already changed to a PasswordMaker password]]<br />
<br />
Without PasswordMaker, when you go to any site that requires a username and password, you would manually type in your username, then your password, then click the 'Login' button (or sometimes you can just hit the ''Enter'' key).<br />
<br />
You will still have to do this for each site that you use, in order to ''convert'' the site to work properly with PasswordMaker - but only one more time. From that time forward, you will be able to use PasswordMaker to populate those fields for you, quickly and securely, only having to remember your ''master password''.<br />
<br />
As was suggested earlier, please choose some non-essential sites to do first, and make sure that you have properly set up an alternate email address, so that you can unlock the account if you inadvertently lock yourself out of it.<br />
<br />
So, to get started, either:<br />
* click here and print out the page that opens, so that you have these full instructions for changing your password handy, or<br />
* open the site you will be using in a new [http://en.wikipedia.org/wiki/Browser_tab browser tab], and flip between the two sites that way<br />
* follow the instructions for ''changing your password'' to one that PasswordMaker generates<br />
<br />
===Generate Password for a New Account===<br />
<br />
<br />
<br />
===Password Change Procedure===<br />
<br />
When you go to a site which requires a password, PasswordMaker's behavior depends on the settings. It can auto-populate the password field or, if you right click on the password field, you can select '''PasswordMaker''' in the context menu (todo: link to context-menu section). In either case, if PasswordMaker does not know your master password, it will prompt you for it. Once PasswordMaker has your master password, it will populate the password field for you. The generated password could be account specific or based on the default account settings, depending upon how you have things configured.<br />
<br />
Of course, PasswordMaker cannot know the current password for a site (or service) if you didn't use PasswordMaker to create it. You must change the password at that site (or service) to the password generated by PasswordMaker so that PasswordMaker can provide it thereafter. Just log into the site (or service), navigate to the change password form, enter your old password, ask PasswordMaker to generate a password for that site, and put it in the new password and confirmation fields. Here's an animated example of this process:<br />
<br />
<swf width="663" height="358">ChangePasswordDemo.swf</swf><br />
<br />
===Log Into an Existing Account===<br />
<br />
When you visit a site which requires a password, just enter your username, right click on the password box, and select '''PasswordMaker'''. If you have not saved your master password, PasswordMaker will ask you for it. Then, PasswordMaker will generate a password for that site, based upon your settings, and populate the password field with your password. (todo: discuss CoolKey or link to CoolKey section). Just click on the log in button to log into the site as usual.<br />
<br />
Here is a video showing this process in action:<br />
<swf width="453" height="456">Passwordmaker_login.swf</swf><br />
<br />
====Help====<br />
<br />
This button displays the help page.</div>141.162.101.50https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted&diff=1301Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted2008-08-13T21:26:39Z<p>141.162.101.50: Major rewrite</p>
<hr />
<div><table><tr align="left"><td valign="top" width="345"><br />
__TOC__</td><br />
<td valign="top"><br />
This edition of PasswordMaker is a small, lightweight, free (licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source license), extension for many of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
<br />
It creates unique, secure passwords that are very easy for you, and no one else, to create and use. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.<br />
<br />
Much of the following information is applicable '''only''' to the 1.7.x versions of PasswordMaker. If you are using an older version, please [https://addons.mozilla.org/en-US/firefox/addon/469 upgrade], and then come back here to learn how to take advantage of all of the unique and powerful features PWM has to offer.<br />
<br />
<br />
<br />
<br />
'''The [http://passwordmaker.org/Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced Advanced Usage] page still needs a bit of work, but for all intents and purposes, the wiki is now considered stable enough for anyone and everyone to start adding to it.'''<br />
</td></tr></table><br />
<br />
==First Things First==<br />
<br />
In order to prevent some of the most common errors - and to save you a lot of confusion and frustration - you are strongly encouraged to read this entire page, along with the [[Faq|FAQ]], at least once prior to attempting to use PasswordMaker.<br />
<br />
===Precautions and Caveats===<br />
<br />
PasswordMaker has two different 'modes' that it can operate in - ''Basic'', and ''Advanced''.<br />
<br />
Using PasswordMaker in ''Basic'' mode (using only the ''Basic Options'') is very secure, and is the recommended way to start out, but there are certain things you should understand in order to avoid problems - the most common of which is locking yourself out of one of your online accounts.<br />
<br />
With this in mind, it is best to:<br />
*be sure that you have defined an alternate email address for any important accounts, so you will be able to 'reset' or 'recover' your password in the event that you lock yourself out (this is a good thing to do anyway, whether you use PasswordMaker or not)<br />
*practice a few times on a throw away account, like gmail or yahoo - but the first recommendation still applies<br />
*start out using PasswordMaker in ''Basic'' mode - but first learn the difference between ''Basic'' and ''Advanced'' modes so that you will know if/when you need to switch to the ''Advanced'' mode<br />
<br />
'''Note:''' PasswordMaker is currently unable to populate ''Basic HTTP Auth'' pop-up prompts like this:<br><br />
[[Image:Basic_http_auth.png]]<br />
<br />
===''Basic'' and ''Advanced'' Modes - Differences===<br />
<br />
The main difference between the two modes is primarily one of complexity, in the form of the large number of configuration options. We will get into each in detail below, but for now:<br />
<br />
*PasswordMaker uses the concept of ''Accounts'' to identify a group of ''settings'' that work together to generate a password<br />
<br />
*'''In ''Basic'' mode''', there is only one ''account'' that matters (referred to as the ''Defaults account'') - so, only one group of ''settings'' (referred to as the ''Defaults settings''), that are applied to every site that you log into<br />
- The main advantage of using only the ''Basic'' options is simplicity<br />
<br />
*<b>In ''Advanced'' mode</b><br />
**you can create as many unique ''accounts'' as desired, each of which has its own ''settings'' that are applied only when that account is used<br />
**you must specify the URL(s) that identify each account<br />
**you can specify <b>multiple</b> URLs for any given ''account'', which means:<br />
***PasswordMaker will use the same ''settings'' for all of those ''sites''<br />
***PasswordMaker will generate the same ''password'' for all of those ''sites''<br />
**you can optionally save the ''master password hash'', which is a very convenient and safe way to verify that you have entered the same ''master password'' (when logging into a site) as when you created the password - essentially preventing any ''failed logins''<br />
- The main advantage of using the 'Advanced' options is the ability to customize the way PasswordMaker behaves for different sites/accounts<br />
<br />
===Password Generation - Parameters and Triggers===<br />
<br />
Regardless of which mode you are using, PasswordMaker makes it very easy to generate unique passwords for different sites on demand - and can optionally ''automatically'' detect when you are on a login page - or via a simple keystroke or toolbar button click - prompt you for the ''master password'', and then populate both the username and password fields.<br />
<br />
*The parameters used to generate any given password are:<br />
**the contents of the ''Using Text'' field, which by default is the ''URL components'' you have enabled (the default is to only use the [http://en.wikipedia.org/wiki/Top-level_domain TLD (top-level domain)] - e.g., ''passwordmaker.org''<br />
**the username, if defined<br />
**the ''extended attributes'' as provided, or modified by you<br />
**the ''master password'' used<br />
<br />
*There are two ways PasswordMaker can be ''triggered'' into action:<br />
**manually, using the ''ctrl-`'' key combination, or<br />
**automatically, if the ''Auto-populate'' option is enabled<br />
***if ''Auto-populate'' is '''enabled''' for the ''Defaults account'', it can be selectively '''disabled''' for individual custom ''accounts'', or<br />
***if ''Auto-populate'' is '''disabled''' for the ''Defaults account'', it can be selectively '''enabled''' for individual custom ''accounts''<br />
**if there is no password field detected on the current web page, PasswordMaker will do nothing<br />
<br />
When PasswordMaker is ''triggered'', it compares the currently detected ''URL pattern'' - which consists of only the components enabled in the ''Defaults settings'' - against the defined ''URL patterns'' for all of your custom ''accounts'', and<br />
*if a match is '''not''' found in any custom ''accounts'' that you have defined, then the ''Defaults settings'' will be used<br />
*if only one ''account'' contains a pattern match, the ''Master Password Prompt'' window is opened<br />
*if more than one ''account'' contains a pattern match, the ''Account Selection'' window opens first, allowing you to select which ''Account'' you want to use, and '''then''' the ''Master Password Prompt'' window is opened<br />
<br />
==Installation and Initial Configuration==<br />
<br />
For Firefox, SeaMonkey, Mozilla Suite and Netscape, the installation is done automatically from [https://addons.mozilla.org/en-US/firefox/addon/469 addons.mozilla.org].<br><br />
Beta Releases can be downloaded from [http://passwordmaker.org/beta.html here]<br><br />
Older Releasescan be downloaded from [http://passwordmaker.org/installation2.html here]<br />
<br />
When the installation is complete, a restart of your browser is required to make PasswordMaker available for use. Once you have successfully installed PasswordMaker, there are three ways to open it:<br />
<br />
* the PasswordMaker option from the Tools sub-menu:<br />
[[Image:tools-open.png]]<br />
* the Toolbar icon (golden ring):<br />
[[Image:Toolbar-1.7.gif]]<br />
* the '''&lt;ctrl&gt; `''' shortcut key (almost always above the 'Tab' key) which looks like this on en-US keyboards: [[Image:Tildakey.gif|` - key]]<br />
<br />
For Mozilla and Netscape users, the toolbar icon is installed by default. For Firefox users, the toolbar icon must be manually added by using the "View -&gt; Toolbars -&gt; Customize" menu, and then dragging the golden ring icon on to the toolbar.<br />
<br />
TODO: need Flock installation instructions...<br />
<br />
Once you've installed the extension and configured the Toolbar to your liking, you can ''Open'' PasswordMaker by either clicking on the main toolbar button (the golden ring are presented with the Basic Options screen:<br />
<br />
==Basic Mode / Options==<br />
<br />
[[Image:basic_options-pointers.png]]<br />
<br />
Here we describe the textboxes and buttons on the Basic Options dialog.<br />
<br />
===1. Master Password===<br />
<br />
Your ONE "password to rule them all". This password, when combined with a URL (or whatever text string you choose), hash algorithm, optional l33t-speak, username, and counter, is used to generate unique, site-specific passwords, as explained in the introduction.<br />
<br />
Note: the reference to 'One' ''master password'' is more symbolic than anything, as there is nothing to prevent you from using 2, 5, or as many different ''master passwords'' as you like - although that kind of defeats the purpose of PasswordMaker, which is to make things simpler, right?<br />
<br />
===2. Store Master Password===<br />
<br />
Once you have entered a ''master password'', you can click in this box and be presented with three options:<br />
[[Image:basic-store-mpw-options.png]]<br />
*'''Not at all''' - the master password is not stored anywhere at any time (memory or disk). This is the most secure option, but also the least convenient because you are prompted to enter the master password everytime a password is generated.<br />
*'''In memory''' - the master password is stored encrypted in the browser's memory but not on disk. This option provides a reasonable trade-off between security and convenience. You won't be prompted to enter the master password again until all browser instances have closed (disposing memory contents), and the browser is re-opened. The master password is encrypted in memory so that if it's written to disk by the operating system as part of a swap file/paging file, it can't easily be decrypted.<br />
*'''Store master password on disk and in memory''' - the master password is stored encrypted on the local hard drive and in memory. This option is the least secure, but the most convenient. You won't ever be prompted to enter the master password when using this option. Note: although the encryption used to store the master password is strong, the encryption/decryption key is also stored on your local hard drive. This makes decryption of the master password relatively simple. You should not use this option unless either (a) you are the only person with access to the hard drive, or (b) you are comfortable with the master password possibly being decrypted by others.<br />
<br />
To erase the master password and encryption key from disk and memory, select the '''Not at all''' option, or simply clear the master password field from either the Tools sub-menu or the context menu:<br><br />
[[Image:context-clear-mpw.png]]<br />
<br />
===3. Using Text===<br />
<br />
By default, this shows only the ''URL components'' of the current URL being used to generate the password, but you can change this to anything you want. <br />
<br />
[[Image:basic-using-text.png]]<br />
<br />
===4. Generated Password===<br />
<br />
Here you see the generated password. It'll be shown as plain text, or encrypted depending on your setting in the 'Global Settings' tab. <br />
<br />
[[Image:basic-generated-password.png]]<br />
<br />
===5. Copy Generated Password to Clipboard===<br />
<br />
This button copies the generated password to the clipboard where it remains for the amount of time specified amount in the [[advanced-options.xhtml|Advanced Options]] dialog (10 seconds by default).<br />
<br />
===6. Advanced Options===<br />
<br />
Clicking here will switch to the ''Advanced'' mode/options.<br />
<br />
[[Image:basic-adv-opt.png]]<br />
<br />
===7. Close===<br />
<br />
The ''Close'' button closes the current dialog.<br />
<br />
==Using PasswordMaker In 'Basic' Mode==<br />
<br />
There are three ways that you will use PasswordMaker from this point forward (assuming you stick with it - and please do - it is well worth the effort - once you 'get it', you'll never know how you lived without it):<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Generate_Password_for_a_New_Account|to generate a password for a new account when you are first signing up]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Password_Change_Procedure|to change the password for an existing account]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Log-In_to_an_Existing_Account|to log into an account that you have already changed to a PasswordMaker password]]<br />
<br />
Without PasswordMaker, when you go to any site that requires a username and password, you would manually type in your username, then your password, then click the 'Login' button (or sometimes you can just hit the ''Enter'' key).<br />
<br />
You will still have to do this for each site that you use, in order to ''convert'' the site to work properly with PasswordMaker - but only one more time. From that time forward, you will be able to use PasswordMaker to populate those fields for you, quickly and securely, only having to remember your ''master password''.<br />
<br />
As was suggested earlier, please choose some non-essential sites to do first, and make sure that you have properly set up an alternate email address, so that you can unlock the account if you inadvertently lock yourself out of it.<br />
<br />
So, to get started, either:<br />
* click here and print out the page that opens, so that you have these full instructions for changing your password handy, or<br />
* open the site you will be using in a new [http://en.wikipedia.org/wiki/Browser_tab browser tab], and flip between the two sites that way<br />
* follow the instructions for ''changing your password'' to one that PasswordMaker generates<br />
<br />
===Generate Password for a New Account===<br />
<br />
<br />
<br />
===Password Change Procedure===<br />
<br />
When you go to a site which requires a password, PasswordMaker's behavior depends on the settings. It can auto-populate the password field or, if you right click on the password field, you can select '''PasswordMaker''' in the context menu (todo: link to context-menu section). In either case, if PasswordMaker does not know your master password, it will prompt you for it. Once PasswordMaker has your master password, it will populate the password field for you. The generated password could be account specific or based on the default account settings, depending upon how you have things configured.<br />
<br />
Of course, PasswordMaker cannot know the current password for a site (or service) if you didn't use PasswordMaker to create it. You must change the password at that site (or service) to the password generated by PasswordMaker so that PasswordMaker can provide it thereafter. Just log into the site (or service), navigate to the change password form, enter your old password, ask PasswordMaker to generate a password for that site, and put it in the new password and confirmation fields. Here's an animated example of this process:<br />
<br />
<swf width="663" height="358">ChangePasswordDemo.swf</swf><br />
<br />
===Log-In to an Existing Account===<br />
<br />
When you visit a site which requires a password, just enter your username and right click on the password box and select PasswordMaker to fill in your password, which is determined by your settings. (todo: discuss CoolKey or link to CoolKey section). Then, when you click on the login button, you will be logged into the site. Here is another animated example:<br />
<br />
<swf width="453" height="456">Passwordmaker_login.swf</swf><br />
<br />
====Help====<br />
<br />
This button displays the help page.</div>141.162.101.50https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted&diff=1300Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted2008-08-13T16:20:20Z<p>141.162.101.50: tried to fix apparently broken link to advanced options</p>
<hr />
<div><table><tr align="left"><td valign="top" width="345"><br />
__TOC__</td><br />
<td valign="top"><br />
This edition of PasswordMaker is a small, lightweight, free (licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source license), extension for many of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
<br />
It creates unique, secure passwords that are very easy for you, and no one else, to create and use. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.<br />
<br />
Much of the following information is applicable '''only''' to the 1.7.x versions of PasswordMaker. If you are using an older version, please [https://addons.mozilla.org/en-US/firefox/addon/469 upgrade], and then come back here to learn how to take advantage of all of the unique and powerful features PWM has to offer.<br />
<br />
<br />
<br />
<br />
'''The [http://passwordmaker.org/Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced Advanced Usage] page still needs a bit of work, but for all intents and purposes, the wiki is now considered stable enough for anyone and everyone to start adding to it.'''<br />
</td></tr></table><br />
<br />
==First Things First==<br />
<br />
In order to prevent some of the most common errors - and to save you a lot of confusion and frustration - you are strongly encouraged to read this entire page, along with the [[Faq|FAQ]], at least once prior to attempting to use PasswordMaker.<br />
<br />
===Precautions and Caveats===<br />
<br />
PasswordMaker has two different 'modes' that it can operate in - ''Basic'', and ''Advanced''.<br />
<br />
Using PasswordMaker in ''Basic'' mode (using only the ''Basic Options'') is very secure, and is the recommended way to start out, but there are certain things you should understand in order to avoid problems - the most common of which is locking yourself out of one of your online accounts.<br />
<br />
With this in mind, it is best to:<br />
*be sure that you have defined an alternate email address for any important accounts, so you will be able to 'reset' or 'recover' your password in the event that you lock yourself out (this is a good thing to do anyway, whether you use PasswordMaker or not)<br />
*practice a few times on a throw away account, like gmail or yahoo - but the first recommendation still applies<br />
*start out using PasswordMaker in ''Basic'' mode - but first learn the difference between ''Basic'' and ''Advanced'' modes so that you will know if/when you need to switch to the ''Advanced'' mode<br />
<br />
'''Note:''' PasswordMaker is currently unable to populate ''Basic HTTP Auth'' pop-up prompts like this:<br><br />
[[Image:Basic_http_auth.png]]<br />
<br />
===''Basic'' and ''Advanced'' Modes - Differences===<br />
<br />
The main difference between the two modes is primarily one of complexity, in the form of the large number of configuration options. We will get into each in detail below, but for now:<br />
<br />
*PasswordMaker uses the concept of ''Accounts'' to identify a group of ''settings'' that work together to generate a password<br />
<br />
*'''In ''Basic'' mode''', there is only one ''account'' that matters (referred to as the ''Defaults account'') - so, only one group of ''settings'' (referred to as the ''Defaults settings''), that are applied to every site that you log into<br />
- The main advantage of using only the ''Basic'' options is simplicity<br />
<br />
*<b>In ''Advanced'' mode</b><br />
**you can create as many unique ''accounts'' as desired, each of which has its own ''settings'' that are applied only when that account is used<br />
**you must specify the URL(s) that identify each account<br />
**you can specify <b>multiple</b> URLs for any given ''account'', which means:<br />
***PasswordMaker will use the same ''settings'' for all of those ''sites''<br />
***PasswordMaker will generate the same ''password'' for all of those ''sites''<br />
**you can optionally save the ''master password hash'', which is a very convenient and safe way to verify that you have entered the same ''master password'' (when logging into a site) as when you created the password - essentially preventing any ''failed logins''<br />
- The main advantage of using the 'Advanced' options is the ability to customize the way PasswordMaker behaves for different sites/accounts<br />
<br />
===Password Generation - Parameters and Triggers===<br />
<br />
Regardless of which mode you are using, PasswordMaker makes it very easy to generate unique passwords for different sites on demand - and can optionally ''automatically'' detect when you are on a login page - or via a simple keystroke or toolbar button click - prompt you for the ''master password'', and then populate both the username and password fields.<br />
<br />
*The parameters used to generate any given password are:<br />
**the contents of the ''Using Text'' field, which by default is the ''URL components'' you have enabled (the default is to only use the [http://en.wikipedia.org/wiki/Top-level_domain TLD (top-level domain)] - e.g., ''passwordmaker.org''<br />
**the username, if defined<br />
**the ''extended attributes'' as provided, or modified by you<br />
**the ''master password'' used<br />
<br />
*There are two ways PasswordMaker can be ''triggered'' into action:<br />
**manually, using the ''ctrl-`'' key combination, or<br />
**automatically, if the ''Auto-populate'' option is enabled<br />
***if ''Auto-populate'' is '''enabled''' for the ''Defaults account'', it can be selectively '''disabled''' for individual custom ''accounts'', or<br />
***if ''Auto-populate'' is '''disabled''' for the ''Defaults account'', it can be selectively '''enabled''' for individual custom ''accounts''<br />
**if there is no password field detected on the current web page, PasswordMaker will do nothing<br />
<br />
When PasswordMaker is ''triggered'', it compares the currently detected ''URL pattern'' - which consists of only the components enabled in the ''Defaults settings'' - against the defined ''URL patterns'' for all of your custom ''accounts'', and<br />
*if a match is '''not''' found in any custom ''accounts'' that you have defined, then the ''Defaults settings'' will be used<br />
*if only one ''account'' contains a pattern match, the ''Master Password Prompt'' window is opened<br />
*if more than one ''account'' contains a pattern match, the ''Account Selection'' window opens first, allowing you to select which ''Account'' you want to use, and '''then''' the ''Master Password Prompt'' window is opened<br />
<br />
==Installation and Initial Configuration==<br />
<br />
For Firefox, SeaMonkey, Mozilla Suite and Netscape, the installation is done automatically from [https://addons.mozilla.org/en-US/firefox/addon/469 addons.mozilla.org].<br><br />
Beta Releases can be downloaded from [http://passwordmaker.org/beta.html here]<br><br />
Older Releasescan be downloaded from [http://passwordmaker.org/installation2.html here]<br />
<br />
When the installation is complete, a restart of your browser is required to make PasswordMaker available for use. Once you have successfully installed PasswordMaker, there are three ways to open it:<br />
<br />
* the PasswordMaker option from the Tools sub-menu:<br />
[[Image:tools-open.png]]<br />
* the Toolbar icon (golden ring):<br />
[[Image:Toolbar-1.7.gif]]<br />
* the '''&lt;ctrl&gt; `''' shortcut key (almost always above the 'Tab' key) which looks like this on en-US keyboards: [[Image:Tildakey.gif|` - key]]<br />
<br />
For Mozilla and Netscape users, the toolbar icon is installed by default. For Firefox users, the toolbar icon must be manually added by using the "View -&gt; Toolbars -&gt; Customize" menu, and then dragging the golden ring icon on to the toolbar.<br />
<br />
TODO: need Flock installation instructions...<br />
<br />
Once you've installed the extension and configured the Toolbar to your liking, you can ''Open'' PasswordMaker by either clicking on the main toolbar button (the golden ring are presented with the Basic Options screen:<br />
<br />
==Basic Mode / Options==<br />
<br />
[[Image:basic_options-pointers.png]]<br />
<br />
Here we describe the textboxes and buttons on the Basic Options dialog.<br />
<br />
===1. Master Password===<br />
<br />
Your ONE "password to rule them all". This password, when combined with a URL (or whatever text string you choose), hash algorithm, optional l33t-speak, username, and counter, is used to generate unique, site-specific passwords, as explained in the introduction.<br />
<br />
Note: the reference to 'One' ''master password'' is more symbolic than anything, as there is nothing to prevent you from using 2, 5, or as many different ''master passwords'' as you like - although that kind of defeats the purpose of PasswordMaker, which is to make things simpler, right?<br />
<br />
===2. Store Master Password===<br />
<br />
Once you have entered a ''master password'', you can click in this box and be presented with three options:<br />
[[Image:basic-store-mpw-options.png]]<br />
*'''Not at all''' - the master password is not stored anywhere at any time (memory or disk). This is the most secure option, but also the least convenient because you are prompted to enter the master password everytime a password is generated.<br />
*'''In memory''' - the master password is stored encrypted in the browser's memory but not on disk. This option provides a reasonable trade-off between security and convenience. You won't be prompted to enter the master password again until all browser instances have closed (disposing memory contents), and the browser is re-opened. The master password is encrypted in memory so that if it's written to disk by the operating system as part of a swap file/paging file, it can't easily be decrypted.<br />
*'''Store master password on disk and in memory''' - the master password is stored encrypted on the local hard drive and in memory. This option is the least secure, but the most convenient. You won't ever be prompted to enter the master password when using this option. Note: although the encryption used to store the master password is strong, the encryption/decryption key is also stored on your local hard drive. This makes decryption of the master password relatively simple. You should not use this option unless either (a) you are the only person with access to the hard drive, or (b) you are comfortable with the master password possibly being decrypted by others.<br />
<br />
To erase the master password and encryption key from disk and memory, select the '''Not at all''' option, or simply clear the master password field from either the Tools sub-menu or the context menu:<br><br />
[[Image:context-clear-mpw.png]]<br />
<br />
===3. Using Text===<br />
<br />
By default, this shows only the ''URL components'' of the current URL being used to generate the password, but you can change this to anything you want. <br />
<br />
[[Image:basic-using-text.png]]<br />
<br />
===4. Generated Password===<br />
<br />
Here you see the generated password. It'll be shown as plain text, or encrypted depending on your setting in the 'Global Settings' tab. <br />
<br />
[[Image:basic-generated-password.png]]<br />
<br />
===5. Copy Generated Password to Clipboard===<br />
<br />
This button copies the generated password to the clipboard where it remains for the amount of time specified amount in the [[advanced-options.xhtml|Advanced Options]] dialog (10 seconds by default).<br />
<br />
===6. Advanced Options===<br />
<br />
Clicking here will switch to the ''Advanced'' mode/options.<br />
<br />
[[Image:basic-adv-opt.png]]<br />
<br />
===7. Close===<br />
<br />
The ''Close'' button closes the current dialog.<br />
<br />
==Using PasswordMaker In 'Basic' Mode==<br />
<br />
There are three ways that you will use PasswordMaker from this point forward (assuming you stick with it - and please do - it is well worth the effort - once you 'get it', you'll never know how you lived without it):<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Generate_Password_for_a_New_Account|to generate a password for a new account when you are first signing up]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Password_Change_Procedure|to change the password for an existing account]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Log-In_to_an_Existing_Account|to log into an account that you have already changed to a PasswordMaker password]]<br />
<br />
Without PasswordMaker, when you go to any site that requires a username and password, you would manually type in your username, then your password, then click the 'Login' button (or sometimes you can just hit the ''Enter'' key).<br />
<br />
You will still have to do this for each site that you use, in order to ''convert'' the site to work properly with PasswordMaker - but only one more time. From that time forward, you will be able to use PasswordMaker to populate those fields for you, quickly and securely, only having to remember your ''master password''.<br />
<br />
As was suggested earlier, please choose some non-essential sites to do first, and make sure that you have properly set up an alternate email address, so that you can unlock the account if you inadvertently lock yourself out of it.<br />
<br />
So, to get started, either:<br />
* click here and print out the page that opens, so that you have these full instructions for changing your password handy, or<br />
* open the site you will be using in a new [http://en.wikipedia.org/wiki/Browser_tab browser tab], and flip between the two sites that way<br />
* follow the instructions for ''changing your password'' to one that PasswordMaker generates<br />
<br />
===Generate Password for a New Account===<br />
<br />
<br />
<br />
===Password Change Procedure===<br />
<br />
When you go to a site which requires a password, PasswordMaker, depending on the settings, will either auto populate the password field, let you right click on the password field and give you the selection PasswordMaker in the context menu (todo: link to context-menu section). Then, depending on whether PasswordMaker knows your master password, or not, it will prompt you for your master password and populate the password box on the site, or just populate the password box on the site.<br />
<br />
Again, depending on your settings, the password populated in to the password field of the site will either be an account specific, or a default password.<br />
<br />
After PasswordMaker has been installed, you should decide whether you wish to log in to your online account, be it a bank account, a subscription type service, with an account / URL specific password, or a default password. The account specific password will be set up with a URL, so that PasswordMaker knows to use those specific settings for the site with the URL set up.<br />
<br />
Of course, PasswordMaker can not and will not know your site specific password, unless you change the password of the site or service to the password generated by PasswordMaker. You do this by logging in to the site in question and select to change the password on that site. Typically, you will supply your old password and then a new password, which you will the have to enter again to confirm the new password. Here's an animated example of this process:<br />
<br />
<swf width="663" height="358">ChangePasswordDemo.swf</swf><br />
<br />
===Log-In to an Existing Account===<br />
<br />
When you visit a site which requires a password, just enter your username and right click on the password box and select PasswordMaker to fill in your password, which is determined by your settings. (todo: discuss CoolKey or link to CoolKey section). Then, when you click on the login button, you will be logged into the site. Here is another animated example:<br />
<br />
<swf width="453" height="456">Passwordmaker_login.swf</swf><br />
<br />
====Help====<br />
<br />
This button displays the help page.</div>141.162.101.50https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted&diff=1299Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted2008-08-13T15:23:48Z<p>141.162.101.50: s/define/specify/, s/these/those/</p>
<hr />
<div><table><tr align="left"><td valign="top" width="345"><br />
__TOC__</td><br />
<td valign="top"><br />
This edition of PasswordMaker is a small, lightweight, free (licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source license), extension for many of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
<br />
It creates unique, secure passwords that are very easy for you, and no one else, to create and use. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.<br />
<br />
Much of the following information is applicable '''only''' to the 1.7.x versions of PasswordMaker. If you are using an older version, please [https://addons.mozilla.org/en-US/firefox/addon/469 upgrade], and then come back here to learn how to take advantage of all of the unique and powerful features PWM has to offer.<br />
<br />
<br />
<br />
<br />
'''The [http://passwordmaker.org/Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced Advanced Usage] page still needs a bit of work, but for all intents and purposes, the wiki is now considered stable enough for anyone and everyone to start adding to it.'''<br />
</td></tr></table><br />
<br />
==First Things First==<br />
<br />
In order to prevent some of the most common errors - and to save you a lot of confusion and frustration - you are strongly encouraged to read this entire page, along with the [[Faq|FAQ]], at least once prior to attempting to use PasswordMaker.<br />
<br />
===Precautions and Caveats===<br />
<br />
PasswordMaker has two different 'modes' that it can operate in - ''Basic'', and ''Advanced''.<br />
<br />
Using PasswordMaker in ''Basic'' mode (using only the ''Basic Options'') is very secure, and is the recommended way to start out, but there are certain things you should understand in order to avoid problems - the most common of which is locking yourself out of one of your online accounts.<br />
<br />
With this in mind, it is best to:<br />
*be sure that you have defined an alternate email address for any important accounts, so you will be able to 'reset' or 'recover' your password in the event that you lock yourself out (this is a good thing to do anyway, whether you use PasswordMaker or not)<br />
*practice a few times on a throw away account, like gmail or yahoo - but the first recommendation still applies<br />
*start out using PasswordMaker in ''Basic'' mode - but first learn the difference between ''Basic'' and ''Advanced'' modes so that you will know if/when you need to switch to the ''Advanced'' mode<br />
<br />
'''Note:''' PasswordMaker is currently unable to populate ''Basic HTTP Auth'' pop-up prompts like this:<br><br />
[[Image:Basic_http_auth.png]]<br />
<br />
===''Basic'' and ''Advanced'' Modes - Differences===<br />
<br />
The main difference between the two modes is primarily one of complexity, in the form of the large number of configuration options. We will get into each in detail below, but for now:<br />
<br />
*PasswordMaker uses the concept of ''Accounts'' to identify a group of ''settings'' that work together to generate a password<br />
<br />
*'''In ''Basic'' mode''', there is only one ''account'' that matters (referred to as the ''Defaults account'') - so, only one group of ''settings'' (referred to as the ''Defaults settings''), that are applied to every site that you log into<br />
- The main advantage of using only the ''Basic'' options is simplicity<br />
<br />
*<b>In ''Advanced'' mode</b><br />
**you can create as many unique ''accounts'' as desired, each of which has its own ''settings'' that are applied only when that account is used<br />
**you must specify the URL(s) that identify each account<br />
**you can specify <b>multiple</b> URLs for any given ''account'', which means:<br />
***PasswordMaker will use the same ''settings'' for all of those ''sites''<br />
***PasswordMaker will generate the same ''password'' for all of those ''sites''<br />
**you can optionally save the ''master password hash'', which is a very convenient and safe way to verify that you have entered the same ''master password'' (when logging into a site) as when you created the password - essentially preventing any ''failed logins''<br />
- The main advantage of using the 'Advanced' options is the ability to customize the way PasswordMaker behaves for different sites/accounts<br />
<br />
===Password Generation - Parameters and Triggers===<br />
<br />
Regardless of which mode you are using, PasswordMaker makes it very easy to generate unique passwords for different sites on demand - and can optionally ''automatically'' detect when you are on a login page - or via a simple keystroke or toolbar button click - prompt you for the ''master password'', and then populate both the username and password fields.<br />
<br />
*The parameters used to generate any given password are:<br />
**the contents of the ''Using Text'' field, which by default is the ''URL components'' you have enabled (the default is to only use the [http://en.wikipedia.org/wiki/Top-level_domain TLD (top-level domain)] - e.g., ''passwordmaker.org''<br />
**the username, if defined<br />
**the ''extended attributes'' as provided, or modified by you<br />
**the ''master password'' used<br />
<br />
*There are two ways PasswordMaker can be ''triggered'' into action:<br />
**manually, using the ''ctrl-`'' key combination, or<br />
**automatically, if the ''Auto-populate'' option is enabled<br />
***if ''Auto-populate'' is '''enabled''' for the ''Defaults account'', it can be selectively '''disabled''' for individual custom ''accounts'', or<br />
***if ''Auto-populate'' is '''disabled''' for the ''Defaults account'', it can be selectively '''enabled''' for individual custom ''accounts''<br />
**if there is no password field detected on the current web page, PasswordMaker will do nothing<br />
<br />
When PasswordMaker is ''triggered'', it compares the currently detected ''URL pattern'' - which consists of only the components enabled in the ''Defaults settings'' - against the defined ''URL patterns'' for all of your custom ''accounts'', and<br />
*if a match is '''not''' found in any custom ''accounts'' that you have defined, then the ''Defaults settings'' will be used<br />
*if only one ''account'' contains a pattern match, the ''Master Password Prompt'' window is opened<br />
*if more than one ''account'' contains a pattern match, the ''Account Selection'' window opens first, allowing you to select which ''Account'' you want to use, and '''then''' the ''Master Password Prompt'' window is opened<br />
<br />
==Installation and Initial Configuration==<br />
<br />
For Firefox, SeaMonkey, Mozilla Suite and Netscape, the installation is done automatically from [https://addons.mozilla.org/en-US/firefox/addon/469 addons.mozilla.org].<br><br />
Beta Releases can be downloaded from [http://passwordmaker.org/beta.html here]<br><br />
Older Releasescan be downloaded from [http://passwordmaker.org/installation2.html here]<br />
<br />
When the installation is complete, a restart of your browser is required to make PasswordMaker available for use. Once you have successfully installed PasswordMaker, there are three ways to open it:<br />
<br />
* the PasswordMaker option from the Tools sub-menu:<br />
[[Image:tools-open.png]]<br />
* the Toolbar icon (golden ring):<br />
[[Image:Toolbar-1.7.gif]]<br />
* the '''&lt;ctrl&gt; `''' shortcut key (almost always above the 'Tab' key) which looks like this on en-US keyboards: [[Image:Tildakey.gif|` - key]]<br />
<br />
For Mozilla and Netscape users, the toolbar icon is installed by default. For Firefox users, the toolbar icon must be manually added by using the "View -&gt; Toolbars -&gt; Customize" menu, and then dragging the golden ring icon on to the toolbar.<br />
<br />
TODO: need Flock installation instructions...<br />
<br />
Once you've installed the extension and configured the Toolbar to your liking, you can ''Open'' PasswordMaker by either clicking on the main toolbar button (the golden ring are presented with the Basic Options screen:<br />
<br />
==Basic Mode / Options==<br />
<br />
[[Image:basic_options-pointers.png]]<br />
<br />
Here we describe the textboxes and buttons on the Basic Options dialog.<br />
<br />
===1. Master Password===<br />
<br />
Your ONE "password to rule them all". This password, when combined with a URL (or whatever text string you choose), hash algorithm, optional l33t-speak, username, and counter, is used to generate unique, site-specific passwords, as explained in the introduction.<br />
<br />
Note: the reference to 'One' ''master password'' is more symbolic than anything, as there is nothing to prevent you from using 2, 5, or as many different ''master passwords'' as you like - although that kind of defeats the purpose of PasswordMaker, which is to make things simpler, right?<br />
<br />
===2. Store Master Password===<br />
<br />
Once you have entered a ''master password'', you can click in this box and be presented with three options:<br />
[[Image:basic-store-mpw-options.png]]<br />
*'''Not at all''' - the master password is not stored anywhere at any time (memory or disk). This is the most secure option, but also the least convenient because you are prompted to enter the master password everytime a password is generated.<br />
*'''In memory''' - the master password is stored encrypted in the browser's memory but not on disk. This option provides a reasonable trade-off between security and convenience. You won't be prompted to enter the master password again until all browser instances have closed (disposing memory contents), and the browser is re-opened. The master password is encrypted in memory so that if it's written to disk by the operating system as part of a swap file/paging file, it can't easily be decrypted.<br />
*'''Store master password on disk and in memory''' - the master password is stored encrypted on the local hard drive and in memory. This option is the least secure, but the most convenient. You won't ever be prompted to enter the master password when using this option. Note: although the encryption used to store the master password is strong, the encryption/decryption key is also stored on your local hard drive. This makes decryption of the master password relatively simple. You should not use this option unless either (a) you are the only person with access to the hard drive, or (b) you are comfortable with the master password possibly being decrypted by others.<br />
<br />
To erase the master password and encryption key from disk and memory, select the '''Not at all''' option, or simply clear the master password field from either the Tools sub-menu or the context menu:<br><br />
[[Image:context-clear-mpw.png]]<br />
<br />
===3. Using Text===<br />
<br />
By default, this shows only the ''URL components'' of the current URL being used to generate the password, but you can change this to anything you want. <br />
<br />
[[Image:basic-using-text.png]]<br />
<br />
===4. Generated Password===<br />
<br />
Here you see the generated password. It'll be shown as plain text, or encrypted depending on your setting in the 'Global Settings' tab. <br />
<br />
[[Image:basic-generated-password.png]]<br />
<br />
===5. Copy Generated Password to Clipboard===<br />
<br />
This button copies the generated password to the clipboard where it remains for the amount of time specified amount in the [advanced-options.xhtml Advanced Options] dialog (10 seconds by default).<br />
<br />
===6. Advanced Options===<br />
<br />
Clicking here will switch to the ''Advanced'' mode/options.<br />
<br />
[[Image:basic-adv-opt.png]]<br />
<br />
===7. Close===<br />
<br />
The ''Close'' button closes the current dialog.<br />
<br />
==Using PasswordMaker In 'Basic' Mode==<br />
<br />
There are three ways that you will use PasswordMaker from this point forward (assuming you stick with it - and please do - it is well worth the effort - once you 'get it', you'll never know how you lived without it):<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Generate_Password_for_a_New_Account|to generate a password for a new account when you are first signing up]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Password_Change_Procedure|to change the password for an existing account]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Log-In_to_an_Existing_Account|to log into an account that you have already changed to a PasswordMaker password]]<br />
<br />
Without PasswordMaker, when you go to any site that requires a username and password, you would manually type in your username, then your password, then click the 'Login' button (or sometimes you can just hit the ''Enter'' key).<br />
<br />
You will still have to do this for each site that you use, in order to ''convert'' the site to work properly with PasswordMaker - but only one more time. From that time forward, you will be able to use PasswordMaker to populate those fields for you, quickly and securely, only having to remember your ''master password''.<br />
<br />
As was suggested earlier, please choose some non-essential sites to do first, and make sure that you have properly set up an alternate email address, so that you can unlock the account if you inadvertently lock yourself out of it.<br />
<br />
So, to get started, either:<br />
* click here and print out the page that opens, so that you have these full instructions for changing your password handy, or<br />
* open the site you will be using in a new [http://en.wikipedia.org/wiki/Browser_tab browser tab], and flip between the two sites that way<br />
* follow the instructions for ''changing your password'' to one that PasswordMaker generates<br />
<br />
===Generate Password for a New Account===<br />
<br />
<br />
<br />
===Password Change Procedure===<br />
<br />
When you go to a site which requires a password, PasswordMaker, depending on the settings, will either auto populate the password field, let you right click on the password field and give you the selection PasswordMaker in the context menu (todo: link to context-menu section). Then, depending on whether PasswordMaker knows your master password, or not, it will prompt you for your master password and populate the password box on the site, or just populate the password box on the site.<br />
<br />
Again, depending on your settings, the password populated in to the password field of the site will either be an account specific, or a default password.<br />
<br />
After PasswordMaker has been installed, you should decide whether you wish to log in to your online account, be it a bank account, a subscription type service, with an account / URL specific password, or a default password. The account specific password will be set up with a URL, so that PasswordMaker knows to use those specific settings for the site with the URL set up.<br />
<br />
Of course, PasswordMaker can not and will not know your site specific password, unless you change the password of the site or service to the password generated by PasswordMaker. You do this by logging in to the site in question and select to change the password on that site. Typically, you will supply your old password and then a new password, which you will the have to enter again to confirm the new password. Here's an animated example of this process:<br />
<br />
<swf width="663" height="358">ChangePasswordDemo.swf</swf><br />
<br />
===Log-In to an Existing Account===<br />
<br />
When you visit a site which requires a password, just enter your username and right click on the password box and select PasswordMaker to fill in your password, which is determined by your settings. (todo: discuss CoolKey or link to CoolKey section). Then, when you click on the login button, you will be logged into the site. Here is another animated example:<br />
<br />
<swf width="453" height="456">Passwordmaker_login.swf</swf><br />
<br />
====Help====<br />
<br />
This button displays the help page.</div>141.162.101.50https://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted&diff=1298Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted2008-08-13T14:57:13Z<p>141.162.101.50: Rephrased second paragraph</p>
<hr />
<div><table><tr align="left"><td valign="top" width="345"><br />
__TOC__</td><br />
<td valign="top"><br />
This edition of PasswordMaker is a small, lightweight, free (licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source license), extension for many of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
<br />
It creates unique, secure passwords that are very easy for you, and no one else, to create and use. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen.<br />
<br />
Much of the following information is applicable '''only''' to the 1.7.x versions of PasswordMaker. If you are using an older version, please [https://addons.mozilla.org/en-US/firefox/addon/469 upgrade], and then come back here to learn how to take advantage of all of the unique and powerful features PWM has to offer.<br />
<br />
<br />
<br />
<br />
'''The [http://passwordmaker.org/Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced Advanced Usage] page still needs a bit of work, but for all intents and purposes, the wiki is now considered stable enough for anyone and everyone to start adding to it.'''<br />
</td></tr></table><br />
<br />
==First Things First==<br />
<br />
In order to prevent some of the most common errors - and to save you a lot of confusion and frustration - you are strongly encouraged to read this entire page, along with the [[Faq|FAQ]], at least once prior to attempting to use PasswordMaker.<br />
<br />
===Precautions and Caveats===<br />
<br />
PasswordMaker has two different 'modes' that it can operate in - ''Basic'', and ''Advanced''.<br />
<br />
Using PasswordMaker in ''Basic'' mode (using only the ''Basic Options'') is very secure, and is the recommended way to start out, but there are certain things you should understand in order to avoid problems - the most common of which is locking yourself out of one of your online accounts.<br />
<br />
With this in mind, it is best to:<br />
*be sure that you have defined an alternate email address for any important accounts, so you will be able to 'reset' or 'recover' your password in the event that you lock yourself out (this is a good thing to do anyway, whether you use PasswordMaker or not)<br />
*practice a few times on a throw away account, like gmail or yahoo - but the first recommendation still applies<br />
*start out using PasswordMaker in ''Basic'' mode - but first learn the difference between ''Basic'' and ''Advanced'' modes so that you will know if/when you need to switch to the ''Advanced'' mode<br />
<br />
'''Note:''' PasswordMaker is currently unable to populate ''Basic HTTP Auth'' pop-up prompts like this:<br><br />
[[Image:Basic_http_auth.png]]<br />
<br />
===''Basic'' and ''Advanced'' Modes - Differences===<br />
<br />
The main difference between the two modes is primarily one of complexity, in the form of the large number of configuration options. We will get into each in detail below, but for now:<br />
<br />
*PasswordMaker uses the concept of ''Accounts'' to identify a group of ''settings'' that work together to generate a password<br />
<br />
*'''In ''Basic'' mode''', there is only one ''account'' that matters (referred to as the ''Defaults account'') - so, only one group of ''settings'' (referred to as the ''Defaults settings''), that are applied to every site that you log into<br />
- The main advantage of using only the ''Basic'' options is simplicity<br />
<br />
*<b>In ''Advanced'' mode</b><br />
**you can create as many unique ''accounts'' as desired, each of which has its own ''settings'' that are applied only when that account is used<br />
**you must define the URL(s) that identify each account<br />
**you can define <b>multiple</b> URLs for any given ''account'', which means:<br />
***PasswordMaker will use the same ''settings'' for all of these ''sites''<br />
***PasswordMaker will generate the same ''password'' for all of these ''sites''<br />
**you can optionally save the ''master password hash'', which is a very convenient and safe way to verify that you have entered the same ''master password'' (when logging into a site) as when you created the password - essentially preventing any ''failed logins''<br />
- The main advantage of using the 'Advanced' options is the ability to customize the way PasswordMaker behaves for different sites/accounts<br />
<br />
===Password Generation - Parameters and Triggers===<br />
<br />
Regardless of which mode you are using, PasswordMaker makes it very easy to generate unique passwords for different sites on demand - and can optionally ''automatically'' detect when you are on a login page - or via a simple keystroke or toolbar button click - prompt you for the ''master password'', and then populate both the username and password fields.<br />
<br />
*The parameters used to generate any given password are:<br />
**the contents of the ''Using Text'' field, which by default is the ''URL components'' you have enabled (the default is to only use the [http://en.wikipedia.org/wiki/Top-level_domain TLD (top-level domain)] - e.g., ''passwordmaker.org''<br />
**the username, if defined<br />
**the ''extended attributes'' as provided, or modified by you<br />
**the ''master password'' used<br />
<br />
*There are two ways PasswordMaker can be ''triggered'' into action:<br />
**manually, using the ''ctrl-`'' key combination, or<br />
**automatically, if the ''Auto-populate'' option is enabled<br />
***if ''Auto-populate'' is '''enabled''' for the ''Defaults account'', it can be selectively '''disabled''' for individual custom ''accounts'', or<br />
***if ''Auto-populate'' is '''disabled''' for the ''Defaults account'', it can be selectively '''enabled''' for individual custom ''accounts''<br />
**if there is no password field detected on the current web page, PasswordMaker will do nothing<br />
<br />
When PasswordMaker is ''triggered'', it compares the currently detected ''URL pattern'' - which consists of only the components enabled in the ''Defaults settings'' - against the defined ''URL patterns'' for all of your custom ''accounts'', and<br />
*if a match is '''not''' found in any custom ''accounts'' that you have defined, then the ''Defaults settings'' will be used<br />
*if only one ''account'' contains a pattern match, the ''Master Password Prompt'' window is opened<br />
*if more than one ''account'' contains a pattern match, the ''Account Selection'' window opens first, allowing you to select which ''Account'' you want to use, and '''then''' the ''Master Password Prompt'' window is opened<br />
<br />
==Installation and Initial Configuration==<br />
<br />
For Firefox, SeaMonkey, Mozilla Suite and Netscape, the installation is done automatically from [https://addons.mozilla.org/en-US/firefox/addon/469 addons.mozilla.org].<br><br />
Beta Releases can be downloaded from [http://passwordmaker.org/beta.html here]<br><br />
Older Releasescan be downloaded from [http://passwordmaker.org/installation2.html here]<br />
<br />
When the installation is complete, a restart of your browser is required to make PasswordMaker available for use. Once you have successfully installed PasswordMaker, there are three ways to open it:<br />
<br />
* the PasswordMaker option from the Tools sub-menu:<br />
[[Image:tools-open.png]]<br />
* the Toolbar icon (golden ring):<br />
[[Image:Toolbar-1.7.gif]]<br />
* the '''&lt;ctrl&gt; `''' shortcut key (almost always above the 'Tab' key) which looks like this on en-US keyboards: [[Image:Tildakey.gif|` - key]]<br />
<br />
For Mozilla and Netscape users, the toolbar icon is installed by default. For Firefox users, the toolbar icon must be manually added by using the "View -&gt; Toolbars -&gt; Customize" menu, and then dragging the golden ring icon on to the toolbar.<br />
<br />
TODO: need Flock installation instructions...<br />
<br />
Once you've installed the extension and configured the Toolbar to your liking, you can ''Open'' PasswordMaker by either clicking on the main toolbar button (the golden ring are presented with the Basic Options screen:<br />
<br />
==Basic Mode / Options==<br />
<br />
[[Image:basic_options-pointers.png]]<br />
<br />
Here we describe the textboxes and buttons on the Basic Options dialog.<br />
<br />
===1. Master Password===<br />
<br />
Your ONE "password to rule them all". This password, when combined with a URL (or whatever text string you choose), hash algorithm, optional l33t-speak, username, and counter, is used to generate unique, site-specific passwords, as explained in the introduction.<br />
<br />
Note: the reference to 'One' ''master password'' is more symbolic than anything, as there is nothing to prevent you from using 2, 5, or as many different ''master passwords'' as you like - although that kind of defeats the purpose of PasswordMaker, which is to make things simpler, right?<br />
<br />
===2. Store Master Password===<br />
<br />
Once you have entered a ''master password'', you can click in this box and be presented with three options:<br />
[[Image:basic-store-mpw-options.png]]<br />
*'''Not at all''' - the master password is not stored anywhere at any time (memory or disk). This is the most secure option, but also the least convenient because you are prompted to enter the master password everytime a password is generated.<br />
*'''In memory''' - the master password is stored encrypted in the browser's memory but not on disk. This option provides a reasonable trade-off between security and convenience. You won't be prompted to enter the master password again until all browser instances have closed (disposing memory contents), and the browser is re-opened. The master password is encrypted in memory so that if it's written to disk by the operating system as part of a swap file/paging file, it can't easily be decrypted.<br />
*'''Store master password on disk and in memory''' - the master password is stored encrypted on the local hard drive and in memory. This option is the least secure, but the most convenient. You won't ever be prompted to enter the master password when using this option. Note: although the encryption used to store the master password is strong, the encryption/decryption key is also stored on your local hard drive. This makes decryption of the master password relatively simple. You should not use this option unless either (a) you are the only person with access to the hard drive, or (b) you are comfortable with the master password possibly being decrypted by others.<br />
<br />
To erase the master password and encryption key from disk and memory, select the '''Not at all''' option, or simply clear the master password field from either the Tools sub-menu or the context menu:<br><br />
[[Image:context-clear-mpw.png]]<br />
<br />
===3. Using Text===<br />
<br />
By default, this shows only the ''URL components'' of the current URL being used to generate the password, but you can change this to anything you want. <br />
<br />
[[Image:basic-using-text.png]]<br />
<br />
===4. Generated Password===<br />
<br />
Here you see the generated password. It'll be shown as plain text, or encrypted depending on your setting in the 'Global Settings' tab. <br />
<br />
[[Image:basic-generated-password.png]]<br />
<br />
===5. Copy Generated Password to Clipboard===<br />
<br />
This button copies the generated password to the clipboard where it remains for the amount of time specified amount in the [advanced-options.xhtml Advanced Options] dialog (10 seconds by default).<br />
<br />
===6. Advanced Options===<br />
<br />
Clicking here will switch to the ''Advanced'' mode/options.<br />
<br />
[[Image:basic-adv-opt.png]]<br />
<br />
===7. Close===<br />
<br />
The ''Close'' button closes the current dialog.<br />
<br />
==Using PasswordMaker In 'Basic' Mode==<br />
<br />
There are three ways that you will use PasswordMaker from this point forward (assuming you stick with it - and please do - it is well worth the effort - once you 'get it', you'll never know how you lived without it):<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Generate_Password_for_a_New_Account|to generate a password for a new account when you are first signing up]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Password_Change_Procedure|to change the password for an existing account]]<br />
* [[Firefox/Mozilla/SeaMonkey/Flock/Netscape#Log-In_to_an_Existing_Account|to log into an account that you have already changed to a PasswordMaker password]]<br />
<br />
Without PasswordMaker, when you go to any site that requires a username and password, you would manually type in your username, then your password, then click the 'Login' button (or sometimes you can just hit the ''Enter'' key).<br />
<br />
You will still have to do this for each site that you use, in order to ''convert'' the site to work properly with PasswordMaker - but only one more time. From that time forward, you will be able to use PasswordMaker to populate those fields for you, quickly and securely, only having to remember your ''master password''.<br />
<br />
As was suggested earlier, please choose some non-essential sites to do first, and make sure that you have properly set up an alternate email address, so that you can unlock the account if you inadvertently lock yourself out of it.<br />
<br />
So, to get started, either:<br />
* click here and print out the page that opens, so that you have these full instructions for changing your password handy, or<br />
* open the site you will be using in a new [http://en.wikipedia.org/wiki/Browser_tab browser tab], and flip between the two sites that way<br />
* follow the instructions for ''changing your password'' to one that PasswordMaker generates<br />
<br />
===Generate Password for a New Account===<br />
<br />
<br />
<br />
===Password Change Procedure===<br />
<br />
When you go to a site which requires a password, PasswordMaker, depending on the settings, will either auto populate the password field, let you right click on the password field and give you the selection PasswordMaker in the context menu (todo: link to context-menu section). Then, depending on whether PasswordMaker knows your master password, or not, it will prompt you for your master password and populate the password box on the site, or just populate the password box on the site.<br />
<br />
Again, depending on your settings, the password populated in to the password field of the site will either be an account specific, or a default password.<br />
<br />
After PasswordMaker has been installed, you should decide whether you wish to log in to your online account, be it a bank account, a subscription type service, with an account / URL specific password, or a default password. The account specific password will be set up with a URL, so that PasswordMaker knows to use those specific settings for the site with the URL set up.<br />
<br />
Of course, PasswordMaker can not and will not know your site specific password, unless you change the password of the site or service to the password generated by PasswordMaker. You do this by logging in to the site in question and select to change the password on that site. Typically, you will supply your old password and then a new password, which you will the have to enter again to confirm the new password. Here's an animated example of this process:<br />
<br />
<swf width="663" height="358">ChangePasswordDemo.swf</swf><br />
<br />
===Log-In to an Existing Account===<br />
<br />
When you visit a site which requires a password, just enter your username and right click on the password box and select PasswordMaker to fill in your password, which is determined by your settings. (todo: discuss CoolKey or link to CoolKey section). Then, when you click on the login button, you will be logged into the site. Here is another animated example:<br />
<br />
<swf width="453" height="456">Passwordmaker_login.swf</swf><br />
<br />
====Help====<br />
<br />
This button displays the help page.</div>141.162.101.50https://passwordmaker.org/index.php?title=Introduction&diff=1297Introduction2008-08-13T14:45:39Z<p>141.162.101.50: s/there/present/</p>
<hr />
<div>==The Problem==<br />
<br />
With the proliferation of online resources these days, you probably have many different usernames and passwords that you have to remember: banks, investment accounts, bill pay systems, credit card sites, email accounts, instant messenger accounts, photo sites, blogging tools - and countless others - all require a username and password to be able to access them. If you're like most people, you probably have only a few - or maybe just one or two - simple passwords you use for all of your accounts, because it's easier to remember just one or two than it is dozens. To make matters worse, the one or two passwords that you do use are probably fairly simple, like your dog's name, your birthday, or your spouse or child's name. The problem is, this is '''''incredibly risky'''''.<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by saving them in your browser, or storing them in a spreadsheet or other file - which is very insecure - or even writing/printing them on a piece of paper and taping it to your computer display. Maybe you even use one of the many [http://en.wikipedia.org/wiki/Password_manager password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet?] Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every cracker in the world is drooling over the prospect of accessing their database.<br />
<br />
Ideally, you should use a unique, [http://en.wikipedia.org/wiki/Password_strength#Strong_passwords strong password] for each of your accounts - especially the ones that contain sensitive information, like your bank or your investment brokerage account - but what about all of your other accounts? They may not contain information that is quite as sensitive as your bank, but it is still your private information, and none of anyone else's business.<br />
<br />
"But only a genius could memorize so many unique passwords!", you say? Well, read on...<br />
<br />
== The Solution ==<br />
<br />
What if you could use passwords that are as unique as fingerprints for each and every one of your accounts, yet not have to remember them? PasswordMaker allows you to do just that. By using complex mathematical formulae, called [http://en.wikipedia.org/wiki/Hash_function hashing algorithms], PasswordMaker outputs the same unique passwords for you each and every time, provided you give it the same input. And these passwords ''are unique'' across the globe (providing they are of sufficient length).<br />
<br />
Don't write them down on sticky notes for others to find; no, PasswordMaker calculates them for you over and over again -- as needed -- without storing them so they can't be stolen. And if you use more than one computer (for example, one at work and one at home), it's child's play to synchronize them. There's even an [http://passwordmaker.sourceforge.net/passwordmaker.html on-line version] for times when you are at a public computer and can't install any software.<br />
<br />
----<br />
<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>141.162.101.50