https://passwordmaker.org/api.php?action=feedcontributions&user=Eric+H.+Jung&feedformat=atomPasswordMaker - User contributions [en]2024-03-29T08:44:50ZUser contributionsMediaWiki 1.35.14https://passwordmaker.org/index.php?title=Introduction&diff=1526Introduction2013-10-12T03:55:15Z<p>Eric H. Jung: /* Old Site */</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database (Like the LastPass break in of May, 2011 [http://blog.lastpass.com/2011/05/lastpass-security-notification.html LastPass Announcement]).<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [[Media:ZBoxOpenJuly03.jpg|like this]] won't help!<br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
==Old Site==<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1525Introduction2013-10-12T03:55:00Z<p>Eric H. Jung: testing if edits are now allowed</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database (Like the LastPass break in of May, 2011 [http://blog.lastpass.com/2011/05/lastpass-security-notification.html LastPass Announcement]).<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [[Media:ZBoxOpenJuly03.jpg|like this]] won't help!<br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
==Old Site==<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes..</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1521Introduction2012-05-18T15:12:57Z<p>Eric H. Jung: Reverted edits by Eric H. Jung (Talk) to last revision by Poltomb</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database (Like the LastPass break in of May, 2011 [http://blog.lastpass.com/2011/05/lastpass-security-notification.html LastPass Announcement]).<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [[Media:ZBoxOpenJuly03.jpg|like this]] won't help!<br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
==Old Site==<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1520Introduction2012-05-18T15:11:45Z<p>Eric H. Jung: testing write access</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database (Like the LastPass break in of May, 2011 [http://blog.lastpass.com/2011/05/lastpass-security-notification.html LastPass Announcement]).<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [[Media:ZBoxOpenJuly03.jpg|like this]] won't help!<br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
==Old Site==<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Java&diff=1514Java2011-12-09T17:12:53Z<p>Eric H. Jung: </p>
<hr />
<div>The Java edition is hosted [http://code.google.com/p/passwordmaker-je/ here] (with screenshots!). There are native installers (binaries) available. There is discussion about it [http://forums.passwordmaker.org/index.php/topic,1738.new.html here].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Java&diff=1513Java2011-12-09T17:12:09Z<p>Eric H. Jung: </p>
<hr />
<div>The Java edition is hosted [http://code.google.com/p/passwordmaker-je/ here]. There are native installers (binaries) available. There is discussion about it [http://forums.passwordmaker.org/index.php/topic,1738.new.html here].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Java&diff=1512Java2011-12-09T17:11:06Z<p>Eric H. Jung: initial</p>
<hr />
<div>The Java edition is hosted [http://code.google.com/p/passwordmaker-je/ here]. There is discussion about it [http://forums.passwordmaker.org/index.php/topic,1738.new.html here].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Desktop&diff=1511Desktop2011-12-09T17:09:29Z<p>Eric H. Jung: </p>
<hr />
<div>There are currently two known versions that can run as desktop applications.<br />
<br />
* [[Native]]<br />
* [[Java]]</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Desktop&diff=1510Desktop2011-12-09T17:08:38Z<p>Eric H. Jung: Replaced content with '
Native
Java'</p>
<hr />
<div><br />
[[Native]]<br />
[[Java]]</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Native&diff=1509Native2011-12-09T17:07:16Z<p>Eric H. Jung: copy of Desktop</p>
<hr />
<div><table><tr align="left"><td valign="top" width="220"><br />
__TOC__</td><br />
<td valign="top"><br />
Executables are available for Windows. For other operating systems, please download the cross-platform source code and compile it locally. We are glad to host executables for other operating systems here; contact us once you've compiled the source for your platform. <br />
<br />
This edition was made with [http://trolltech.com/products/qt Trolltech's QT] and was created by [[Miquel Fire]]. Due to QT's license for open source products, this edition uses [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GPL] instead of the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] that the other editions use.</td></tr></table><br />
<br />
<br />
==Download==<br />
<br />
Download the desktop edition from [http://sourceforge.net/project/showfiles.php?group_id=158071&package_id=234547 here]<br />
<br />
==Screenshots==<br />
<br />
See [[Screenshots#Desktop|here]].<br />
<br />
== Installation ==<br />
<br />
PasswordMaker Desktop Edition can be installed in one of the following ways:<br />
<br />
* Precompiled<br />
** [http://downloads.sourceforge.net/passwordmaker/PasswordMakerInstall-0.4.exe Windows installer]. Most Windows users should take this route.<br />
** [http://downloads.sourceforge.net/passwordmaker/passwordmaker-desktop-0.4-win32.zip Windows zip]. If you don't want to (or can't) run the installer.<br />
** [http://downloads.sourceforge.net/passwordmaker/passwordmaker-portable-0.4-win32.zip Windows Portable Zip]. For running off a portable ([http://en.wikipedia.org/wiki/USB USB] / [http://en.wikipedia.org/wiki/FireWire Firewire] / [http://en.wikipedia.org/wiki/SATA#External_SATA eSATA]) drive. All this version does differently is store its settings in a subdirectory called ''data''. The zip file will extract to a directory called PasswordMaker Portable.<br />
<br />
* Compiled from source (For Linux and Mac users):<br />
** [http://downloads.sourceforge.net/passwordmaker/passwordmaker-desktop-src-0.4.zip zip file]<br />
** [http://downloads.sourceforge.net/passwordmaker/passwordmaker-desktop-src-0.4.zip tar.gz file]<br />
** [http://downloads.sourceforge.net/passwordmaker/passwordmaker-desktop-src-0.4.tar.bz2 tar.bz2 file]<br />
<br />
=== Compiling ===<br />
In order to compile this edition of PasswordMaker, you will need:<br />
<br />
* [http://trolltech.com/products/qt QT 4.3]+ with the XML, DB (with SQLite driver), and Script modules enabled.<br />
* (Optional) [http://mhash.sourceforge.net mHash]. Using mHash disable the use of HMAC-SHA-256 Version 1.5.2 due to the nature of the bug with this version, but is faster. On Windows, you'll notice that there are precompiled libraries for mHash to use.<br />
<br />
For now, just read the ''build.txt'' that comes with the source to compile this edition.<br />
<br />
== Usage ==<br />
<br />
Once installed, you just launch the program. When you need to get a password for a site, just:<br />
<br />
* copy and paste the URL into the ''Input URL'' field, and<br />
* enter you master password.<br />
<br />
Please note, currently as of version 0.4, there is no method to save the master password as there is in the much more advanced [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Firefox]] version.<br />
You should have the generated password ready for use now.<br />
<br />
=== Changing Default Settings ===<br />
<br />
You can change the parameters use to generate passwords by click on the ''Edit Defaults'' button.<br />
<br />
==== URLs tab ====<br />
<br />
Here you can choose which parts of the ''Input URL'' PasswordMaker can use.<br />
<br />
==== Extended tab ====<br />
<br />
The parameters in this tab control how PasswordMaker generates its password.<br />
<br />
* The ''Username'' field may be used to fill in a username in other editions. You can use this to keep compatible with other editions, and (when multiple account support is added) use it to remind yourself of the username you used on a site.<br />
<br />
* The ''Use l33t'' and ''l33t Level'' fields control how PasswordMaker uses l33t routines when creating passwords. Please note using after generation can introduce characters you may not want into your generated password. Using it before generation also causes the master password to be case insensitive.<br />
<br />
* The ''Hash Algorithm'' field tells PasswordMaker which hash algorithm to use. Please note, using an mHash built version will not have the ''HMAC-SHA-256 Version 1.5.2'' algorithm on the list because it's currently not supported that way, and may never be.<br />
<br />
* The ''Password Length'' field tells PasswordMaker how long to make the password.<br />
<br />
* The ''Characters'' field tells PasswordMaker what characters it should use to make the generated password. You may need to edit this a bit to get it working correctly.<br />
<br />
* The ''Modifier'' field is just another bit of text you can use to change the generated password. Mainly used for sites that require you to change your password once in a while.<br />
<br />
* The ''Password Prefix'' and ''Password Suffix'' fields allows you to have parts of the password have set characters.<br />
<br />
=== Importing and Exporting ===<br />
<br />
This edition of PasswordMaker is the first to use a new XML format for importing and exporting.<br />
<br />
It also uses this format internally for keeping its settings.<br />
<br />
It should be noted that its export method is non-destructive in that it will read the file first, and only update the data it uses.<br />
<br />
==FAQ==<br />
<br />
== Changes ==<br />
<br />
=== Version 0.4 ===<br />
<br />
Released 2008-01-28<br />
<br />
* Added Settings dialog. (Note, these do not import/export to RDF currently)<br />
<br />
=== Version 0.3 ===<br />
<br />
Released 2008-01-01<br />
<br />
* Fixed bug with arbitrary length passwords.<br />
<br />
=== Version 0.2.2 ===<br />
<br />
* Added message boxes for importing and exporting.<br />
<br />
=== Version 0.2.1 ===<br />
<br />
Released 2007-10-26<br />
<br />
* Fixed password settings being lost when starting.<br />
* Fixed using URL bug (wasn't used at times)<br />
* Precompiled is now statically built to not need the dlls files any more (and results in a slightly smaller download)<br />
<br />
=== Version 0.2 ===<br />
<br />
Released 2007-10-14<br />
<br />
* A new portable version is released<br />
* A better installer (Note, uninstall 0.1 if you have it)<br />
* Can now minimize to the system tray.<br />
* Fixed issue with URL not working correctly with only two domain segments (like http://passwordmaker.org/ only generating org in the using URL field)<br />
* QSA replaced with a faster QtScript (and reduce the dependencies by one)<br />
<br />
[[Category:Editions]]</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1508NavTree2011-12-09T17:06:44Z<p>Eric H. Jung: </p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [[Google Chrome]]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Android]]<br />
** [[Desktop]]<br />
*** [[Native]]<br />
*** [[Java]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [[Maemo]]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1507NavTree2011-12-09T17:05:41Z<p>Eric H. Jung: </p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [[Google Chrome]]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Android]]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [[Maemo]]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1506NavTree2011-12-09T17:05:05Z<p>Eric H. Jung: </p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefo / Mozilla<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [[Google Chrome]]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Android]]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [[Maemo]]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1458Introduction2010-08-23T22:22:48Z<p>Eric H. Jung: new heading</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database.<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [[Media:ZBoxOpenJuly03.jpg|like this]] won't help!<br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
==Old Site==<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1457Introduction2010-08-23T22:21:37Z<p>Eric H. Jung: moved grid-computer image to local file in case remote site goes down again</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database.<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [[Media:ZBoxOpenJuly03.jpg|like this]] won't help!<br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=File:ZBoxOpenJuly03.jpg&diff=1456File:ZBoxOpenJuly03.jpg2010-08-23T22:18:35Z<p>Eric H. Jung: From http://www-theorie.physik.unizh.ch/research_groups/astrophysics/images/zbox/zBoxOpenJuly03.jpg</p>
<hr />
<div>From http://www-theorie.physik.unizh.ch/research_groups/astrophysics/images/zbox/zBoxOpenJuly03.jpg</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1455Introduction2010-08-23T22:16:39Z<p>Eric H. Jung: /* Our Solution */</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database.<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, Android, Python, and many other platforms & systems. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution.<br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [http://www-theorie.physik.unizh.ch/research_groups/astrophysics/images/zbox/zBoxOpenJuly03.jpg like this] won't help! <br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1454Introduction2010-08-23T22:15:22Z<p>Eric H. Jung: /* Existing Solutions */</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's computer, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database.<br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, and many other platforms. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution. <br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [http://www-theorie.physik.unizh.ch/research_groups/astrophysics/images/zbox/zBoxOpenJuly03.jpg like this] won't help! <br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta&diff=1453Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta2010-08-23T22:14:17Z<p>Eric H. Jung: 1.7.8 is no longer a beta -- updating page accordingly</p>
<hr />
<div>__TOC__<br />
<br />
==Beta Versions for Firefox/SeaMonkey/Mozilla/Netscape/Flock==<br />
<br />
There are currently no beta releases. The last beta release was 1.7.8b1.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta&diff=1451Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta2010-07-14T11:45:37Z<p>Eric H. Jung: /* Release Notes */</p>
<hr />
<div>__TOC__<br />
<br />
==Beta Versions for Firefox/SeaMonkey/Mozilla/Netscape/Flock==<br />
<br />
===1.7.8 beta 1===<br />
[[Media:Passwdmaker-1.7.8b1.xpi|Download]] - 269kb.<br />
<br />
====Release Notes====<br />
* Support for Firefox 4 and 3.x</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta&diff=1450Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta2010-07-14T11:43:32Z<p>Eric H. Jung: /* Beta Versions for Firefox/SeaMonkey/Mozilla/Netscape/Flock */</p>
<hr />
<div>__TOC__<br />
<br />
==Beta Versions for Firefox/SeaMonkey/Mozilla/Netscape/Flock==<br />
<br />
===1.7.8 beta 1===<br />
[[Media:Passwdmaker-1.7.8b1.xpi|Download]] - 269kb.<br />
<br />
====Release Notes====<br />
* Support for Firefox 4</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta&diff=1449Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta2010-07-14T11:43:03Z<p>Eric H. Jung: 1.7.8b1</p>
<hr />
<div>__TOC__<br />
<br />
==Beta Versions for Firefox/SeaMonkey/Mozilla/Netscape/Flock==<br />
<br />
Currently none<br />
===1.7.8 beta 1===<br />
[[Media:Passwdmaker-1.7.8b1.xpi|Download]] - 269kb.<br />
<br />
====Release Notes====<br />
* Support for Firefox 4</div>Eric H. Junghttps://passwordmaker.org/index.php?title=File:Passwdmaker-1.7.8b1.xpi&diff=1448File:Passwdmaker-1.7.8b1.xpi2010-07-14T11:40:36Z<p>Eric H. Jung: PasswordMaker 1.7.8 beta 1 - Support for Firefox 4.</p>
<hr />
<div>PasswordMaker 1.7.8 beta 1 - Support for Firefox 4.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Google_Chrome&diff=1443Google Chrome2010-05-10T20:50:58Z<p>Eric H. Jung: </p>
<hr />
<div>There are currently three Google Chrome editions:<br />
<br />
* [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm 1] - a basic port of the online/javascript edition. This is edition is by Matt Perry (a.k.a. mpcomplete), a Google employee.<br />
* [https://chrome.google.com/extensions/detail/ocjkdaaapapjpmipmhiadedofjiokogj 2] - a more feature-rich extension. This edition is by Bodo Tasche.<br />
* [https://chrome.google.com/extensions/detail/bdpcmemfgiocoffjmpbbldflllfgldln 3] - a version focused on easy use. This edition is by neelance.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download&diff=1440Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download2010-05-04T19:47:48Z<p>Eric H. Jung: </p>
<hr />
<div>==Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape==<br />
PasswordMaker 1.7.7 can be downloaded securely from [https://addons.mozilla.org/en-US/firefox/addon/469 here].<br />
<br />
<br />
*Version history and release notes can be found [https://addons.mozilla.org/en-US/firefox/addons/versions/469 here]. Release notes for versions 1.6.1 and earlier can be found [http://passwordmaker.sourceforge.net/installation2.html here].<br />
<br />
*Beta versions can be found [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|here]].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download&diff=1438Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download2010-04-30T20:22:27Z<p>Eric H. Jung: /* Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape */</p>
<hr />
<div>==Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape==<br />
PasswordMaker 1.7.6 can be downloaded securely from [https://addons.mozilla.org/en-US/firefox/addon/469 here].<br />
<br />
<br />
*Version history and release notes can be found [https://addons.mozilla.org/en-US/firefox/addons/versions/469 here]. Release notes for versions 1.6.1 and earlier can be found [http://passwordmaker.sourceforge.net/installation2.html here].<br />
<br />
*Beta versions can be found [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|here]].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download&diff=1435Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download2010-04-22T03:04:33Z<p>Eric H. Jung: /* Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape */</p>
<hr />
<div>==Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape==<br />
PasswordMaker 1.7.5 can be downloaded securely from [https://addons.mozilla.org/en-US/firefox/addon/469 here].<br />
<br />
<br />
*Version history and release notes can be found [https://addons.mozilla.org/en-US/firefox/addons/versions/469 here]. Release notes for versions 1.6.1 and earlier can be found [http://passwordmaker.sourceforge.net/installation2.html here].<br />
<br />
*Beta versions can be found [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|here]].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Google_Chrome&diff=1434Google Chrome2010-04-18T22:03:59Z<p>Eric H. Jung: </p>
<hr />
<div>There are currently two Google Chrome editions:<br />
<br />
* [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm 1] - a basic port of the online/javascript edition. This is edition is by mpcomplete, a Google employee.<br />
* [https://chrome.google.com/extensions/detail/ocjkdaaapapjpmipmhiadedofjiokogj 2] - a more feature-rich extension. This edition is by Bodo Tasche.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Google_Chrome&diff=1424Google Chrome2010-04-11T16:55:14Z<p>Eric H. Jung: initial</p>
<hr />
<div>There are currently two Google Chrome editions:<br />
<br />
* [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm 1] - a basic port of the online/javascript edition. This is edition is by mpcomplete, a Google employee.<br />
* [http://github.com/bitboxer/chrome-passwordmaker 2] - an edition with plans to be more feature-rich than the first. This edition is by bitboxer.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1423NavTree2010-04-11T16:52:44Z<p>Eric H. Jung: </p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla...<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [[Google Chrome]]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://wiki.passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Eric_H._Jung&diff=1422Eric H. Jung2010-04-11T16:52:14Z<p>Eric H. Jung: </p>
<hr />
<div>I'm the founder of PasswordMaker, passwordmaker.org, and primary author of some of the PasswordMaker editions.<br />
[[Category:Profiles]]</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download&diff=1420Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download2010-03-30T21:56:06Z<p>Eric H. Jung: /* Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape */</p>
<hr />
<div>==Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape==<br />
PasswordMaker 1.7.4 can be downloaded securely from [https://addons.mozilla.org/en-US/firefox/addon/469 here].<br />
<br />
<br />
*Version history and release notes can be found [https://addons.mozilla.org/en-US/firefox/addons/versions/469 here]. Release notes for versions 1.6.1 and earlier can be found [http://passwordmaker.sourceforge.net/installation2.html here].<br />
<br />
*Beta versions can be found [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|here]].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Python&diff=1416Python2010-03-06T04:51:03Z<p>Eric H. Jung: added link</p>
<hr />
<div>There are two python versions.<br />
<br />
One is [http://passwordmaker.svn.sourceforge.net/viewvc/passwordmaker/trunk/python/ here] in our Subversion revision control system. The discussion topic for it is [http://forums.passwordmaker.org/index.php?topic=1548.0 here].<br />
<br />
The other (older) version is [http://www.mediafire.com/?uk0mnnlezjm here]. Its discussion topic is [http://forums.passwordmaker.org/index.php?topic=1288.0 here].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Donations_and_Expenses&diff=1415Donations and Expenses2010-03-06T04:41:44Z<p>Eric H. Jung: </p>
<hr />
<div>==Page No Longer Maintained==<br />
Although we continue to have annual expenses for hosting, they are minimal and not worth asking for donations. Please enjoy PasswordMaker without the guilt of thinking we still need hand-outs :)<br />
<br />
You are still encouraged to donate if you like, but your donation won't be listed here.<br />
<br />
==Donating==<br />
Unlike most projects which ask for donations, we reveal the amount that's been donated. We believe in full transparency. If you enjoy PasswordMaker, please consider donating. Donor names will be posted here for all to appreciate unless you request to be anonymous. We won't reveal '''how much''' you donated.<br />
<br />
Thank you,<br />
Eric H. Jung and the PasswordMaker Team<br />
<br />
All figures are in US Dollars.<br />
<br />
<br />
<paypal></paypal><br />
<br />
==Expenses==<br />
Total as of 09-21-2007: '''704.48'''<br />
<br />
*1-year [http://passwordmaker.org passwordmaker.org] domain registration with privacy: '''13.19'''<br />
*Hash algorithm consulting from security expert [http://pajhome.org.uk/ Paul Johnston]: '''125.00'''<br />
*Advert disabling on these forums (approx 6000 pages views) '''5.00'''<br />
*6-month hosting on [http://asmallorange.com A Small Orange] '''15.00'''<br />
*08-09-2005: Advert disabling on these forums '''10.00'''<br />
*08-23-2005: Donation to Michael Vincent van Rantwijk and the [http://multizilla.mozdev.org MultiZilla project] for fixing parts of PasswordMaker for Mozilla Suite/SeaMonkey '''20.00'''<br />
*09-22-2005: Extra ISP bandwidth fees for the month of September '''0.50'''<br />
*09-23-2005: Donation to Michael Vincent van Rantwijk and the [http://multizilla.mozdev.org MultiZilla project] for ongoing PasswordMaker work '''51.00'''<br />
*10-10-2005: Advert disabling on these forums '''20.00'''<br />
*10-14-2005: Annual ISP fee for dedicated IP for SSL '''24.00'''<br />
*10-17-2005: [http://www.jpilot.com/ jPilot IRC Software] for [http://passwordmaker.org/chat/chat.php Online Support & Chat] '''49.99'''<br />
*10-20-2005: Extra ISP bandwidth fees for October '''1.00'''<br />
*11-03-2005: Raw dump of forums database from invisionfree.com '''20.00'''<br />
*11-08-2005: Invision Power Board license (these forums) '''185.00'''<br />
*11-17-2005: Extra ISP bandwidth fees for November & December '''2.80'''<br />
*12-28-2005: 6-month hosting on [http://asmallorange.com A Small Orange] '''36.00'''<br />
*02-19-2006: Donation to aeshells.org for forum hosting '''20.00'''<br />
*03-08-2006: Raw dump of forums database from invisionfree.com so forums could be moved to aeshells.org (free hosting) '''35.00'''<br />
*03-27-2006: 5-year [http://passwordmaker.org passwordmaker.org] domain registration ([http://img470.imageshack.us/img470/3635/capture327200624935pm5jp.jpg receipt]) '''46.00'''<br />
*09-21-2007: 14-month hosting on [http://asmallorange.com A Small Orange] '''25.00'''<br />
<br />
==Donations==<br />
Total as of 12-24-2007 (after PayPal fees): '''827.23'''<br />
<br />
*06-22-2005: donation by '''E.Z.'''<br />
*06-17-2005: anonymous donation<br />
*07-01-2005: donation by '''Charles'''<br />
*07-08-2005: donation by '''Craig'''<br />
*07-11-2005: donation by '''quixin'''<br />
*07-15-2005: anonymous donation<br />
*07-20-2005: donation by '''Luke'''<br />
*07-20-2005: donation by '''Wayne'''<br />
*07-26-2005: donation by '''Will Warner'''<br />
*07-26-2005: donation by '''Charles'''<br />
*10-20-2005: donation by '''Charles'''<br />
*10-25-2005: donation by '''popmonkey'''<br />
*10-31-2005: donation by '''Thomas Nullmeier'''<br />
*11-02-2005 donation by '''lov2cod'''<br />
*11-03-2005 donation by '''rishi'''<br />
*11-25-2005 donation by '''Kenneth Hansen'''<br />
*11-29-2005 anonymous donation<br />
*11-30-2005 anonymous donation<br />
*12-04-2005 donation by '''Dave'''<br />
*12-09-2005 donation by '''Conrad Shultz'''<br />
*12-16-2005 donation by '''Iaizer'''<br />
*12-17-2005 donation by '''John'''<br />
*12-28-2005 donation by '''Kenneth Hamer'''<br />
*01-04-2006 donation by '''ThePythonicCow'''<br />
*01-14-2006 donation by '''Mark Doll'''<br />
*01-26-2006 donation by '''Todd Colton'''<br />
*01-26-2006 donation by '''ChungKuan Tsai'''<br />
*01-26-2006 donation by '''Mark Addink'''<br />
*01-26-2006 donation by '''Jim Kennedy'''<br />
*03-27-2006 donation by '''anonymous'''<br />
*03-28-2006 donation by '''Gary Schroeder'''<br />
*04-08-2006 donation by '''Maria Thors'''<br />
*04-08-2006 donation by '''Miquel Burns'''<br />
*04-10-2006 donation by '''Greg Hendrickson'''<br />
*08-19-2007 anonymous donation<br />
*09-13-2007 anonymous donation<br />
*09-17-2007 donation by '''Laurent Bachelier'''<br />
*09-28-2007 donation by '''Marsh'''<br />
*09-28-2007 anonymous donation<br />
*12-21-2007 anonymous donation<br />
*12-24-2007 anonymous donation</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Donations_and_Expenses&diff=1414Donations and Expenses2010-03-06T04:40:56Z<p>Eric H. Jung: </p>
<hr />
<div>=THIS PAGE IS NO LONGER MAINTAINED=<br />
Although we continue to have annual expenses for hosting, they are minimal and not worth asking for donations. Please enjoy PasswordMaker without the guilt of thinking we still need hand-outs :)<br />
<br />
You are still encouraged to donate if you like.<br />
<br />
<br />
==Donating==<br />
Unlike most projects which ask for donations, we reveal the amount that's been donated. We believe in full transparency. If you enjoy PasswordMaker, please consider donating. Donor names will be posted here for all to appreciate unless you request to be anonymous. We won't reveal '''how much''' you donated.<br />
<br />
Thank you,<br />
Eric H. Jung and the PasswordMaker Team<br />
<br />
All figures are in US Dollars.<br />
<br />
<br />
<paypal></paypal><br />
<br />
==Expenses==<br />
Total as of 09-21-2007: '''704.48'''<br />
<br />
*1-year [http://passwordmaker.org passwordmaker.org] domain registration with privacy: '''13.19'''<br />
*Hash algorithm consulting from security expert [http://pajhome.org.uk/ Paul Johnston]: '''125.00'''<br />
*Advert disabling on these forums (approx 6000 pages views) '''5.00'''<br />
*6-month hosting on [http://asmallorange.com A Small Orange] '''15.00'''<br />
*08-09-2005: Advert disabling on these forums '''10.00'''<br />
*08-23-2005: Donation to Michael Vincent van Rantwijk and the [http://multizilla.mozdev.org MultiZilla project] for fixing parts of PasswordMaker for Mozilla Suite/SeaMonkey '''20.00'''<br />
*09-22-2005: Extra ISP bandwidth fees for the month of September '''0.50'''<br />
*09-23-2005: Donation to Michael Vincent van Rantwijk and the [http://multizilla.mozdev.org MultiZilla project] for ongoing PasswordMaker work '''51.00'''<br />
*10-10-2005: Advert disabling on these forums '''20.00'''<br />
*10-14-2005: Annual ISP fee for dedicated IP for SSL '''24.00'''<br />
*10-17-2005: [http://www.jpilot.com/ jPilot IRC Software] for [http://passwordmaker.org/chat/chat.php Online Support & Chat] '''49.99'''<br />
*10-20-2005: Extra ISP bandwidth fees for October '''1.00'''<br />
*11-03-2005: Raw dump of forums database from invisionfree.com '''20.00'''<br />
*11-08-2005: Invision Power Board license (these forums) '''185.00'''<br />
*11-17-2005: Extra ISP bandwidth fees for November & December '''2.80'''<br />
*12-28-2005: 6-month hosting on [http://asmallorange.com A Small Orange] '''36.00'''<br />
*02-19-2006: Donation to aeshells.org for forum hosting '''20.00'''<br />
*03-08-2006: Raw dump of forums database from invisionfree.com so forums could be moved to aeshells.org (free hosting) '''35.00'''<br />
*03-27-2006: 5-year [http://passwordmaker.org passwordmaker.org] domain registration ([http://img470.imageshack.us/img470/3635/capture327200624935pm5jp.jpg receipt]) '''46.00'''<br />
*09-21-2007: 14-month hosting on [http://asmallorange.com A Small Orange] '''25.00'''<br />
<br />
==Donations==<br />
Total as of 12-24-2007 (after PayPal fees): '''827.23'''<br />
<br />
*06-22-2005: donation by '''E.Z.'''<br />
*06-17-2005: anonymous donation<br />
*07-01-2005: donation by '''Charles'''<br />
*07-08-2005: donation by '''Craig'''<br />
*07-11-2005: donation by '''quixin'''<br />
*07-15-2005: anonymous donation<br />
*07-20-2005: donation by '''Luke'''<br />
*07-20-2005: donation by '''Wayne'''<br />
*07-26-2005: donation by '''Will Warner'''<br />
*07-26-2005: donation by '''Charles'''<br />
*10-20-2005: donation by '''Charles'''<br />
*10-25-2005: donation by '''popmonkey'''<br />
*10-31-2005: donation by '''Thomas Nullmeier'''<br />
*11-02-2005 donation by '''lov2cod'''<br />
*11-03-2005 donation by '''rishi'''<br />
*11-25-2005 donation by '''Kenneth Hansen'''<br />
*11-29-2005 anonymous donation<br />
*11-30-2005 anonymous donation<br />
*12-04-2005 donation by '''Dave'''<br />
*12-09-2005 donation by '''Conrad Shultz'''<br />
*12-16-2005 donation by '''Iaizer'''<br />
*12-17-2005 donation by '''John'''<br />
*12-28-2005 donation by '''Kenneth Hamer'''<br />
*01-04-2006 donation by '''ThePythonicCow'''<br />
*01-14-2006 donation by '''Mark Doll'''<br />
*01-26-2006 donation by '''Todd Colton'''<br />
*01-26-2006 donation by '''ChungKuan Tsai'''<br />
*01-26-2006 donation by '''Mark Addink'''<br />
*01-26-2006 donation by '''Jim Kennedy'''<br />
*03-27-2006 donation by '''anonymous'''<br />
*03-28-2006 donation by '''Gary Schroeder'''<br />
*04-08-2006 donation by '''Maria Thors'''<br />
*04-08-2006 donation by '''Miquel Burns'''<br />
*04-10-2006 donation by '''Greg Hendrickson'''<br />
*08-19-2007 anonymous donation<br />
*09-13-2007 anonymous donation<br />
*09-17-2007 donation by '''Laurent Bachelier'''<br />
*09-28-2007 donation by '''Marsh'''<br />
*09-28-2007 anonymous donation<br />
*12-21-2007 anonymous donation<br />
*12-24-2007 anonymous donation</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Python&diff=1413Python2010-03-06T04:34:42Z<p>Eric H. Jung: Created page with 'There are two python versions. One is [http://passwordmaker.svn.sourceforge.net/viewvc/passwordmaker/trunk/python/ here] in our Subversion revision control system. The discussio…'</p>
<hr />
<div>There are two python versions.<br />
<br />
One is [http://passwordmaker.svn.sourceforge.net/viewvc/passwordmaker/trunk/python/ here] in our Subversion revision control system. The discussion topic for it is [http://forums.passwordmaker.org/index.php?topic=1548.0 here].<br />
<br />
The other (older) version is here. Its discussion topic is [http://forums.passwordmaker.org/index.php?topic=1288.0 here].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1412NavTree2010-03-06T04:29:05Z<p>Eric H. Jung: fixed mac widget link</p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla...<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm Google Chrome]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://wiki.passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1411NavTree2010-03-06T04:27:28Z<p>Eric H. Jung: fixed mac widget link</p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla...<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm Google Chrome]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[OS/X|Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://wiki.passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1410NavTree2010-03-06T04:24:48Z<p>Eric H. Jung: added python link</p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla...<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm Google Chrome]<br />
** [http://itunes.apple.com/us/app/passwordmaker-org-password/id359001896?mt=8 iPhone]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[OS/X Mac Widget]]<br />
** [[Python]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://wiki.passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Introduction&diff=1409Introduction2010-03-06T02:46:59Z<p>Eric H. Jung: changing home page to the original text (with a few edits) from http://passwordmaker.sourceforge.net. I think this just reads better.</p>
<hr />
<div>==The Problem==<br />
<br />
If you're like most people, you have a few passwords that you use over and over again on many different websites. You know this isn't secure, yet you do it anyway. Why? Because it's difficult to remember a unique password for each and every web site that requires one.<br />
<br />
==Existing Solutions==<br />
<br />
Maybe you do use unique passwords, and get around the problem of remembering them by storing them in a spreadsheet or other file. Maybe you even use [http://www.symantec.com/passwordmanager/ one] of the many [http://www.edash.com/gotpassword/gotpassword.shtml password managers] that are available. But now you've centralized your passwords and access to them becomes difficult while at work, a friend's, or a public internet terminal. You can't get to your passwords without carrying them around or [http://www.passwordsafe.com/ publishing them on the internet]. Some people even carry a USB keychain with their passwords wherever they go. How inconvenient. And [http://www.passwordsafe.com/ publishing them on the internet]? Yikes! We need not even mention the security risks inherent with that solution. Even if you trust the company storing the passwords, you can be sure every hacker in the world is drooling over the prospect of accessing their database. <br />
<br />
==Our Solution==<br />
<br />
PasswordMaker solves all of these issues. It is a small, lightweight, free, open-source tool for Internet Explorer, Firefox, Google Chrome, iPhone, Opera, PHP, Windows, OS/X, Linux, Flock, Yahoo! Widgets, and many other platforms. It creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. PasswordMaker has been around since about 2003 and so is a mature, stable, popular solution. <br />
<br />
==How It Works==<br />
<br />
Warning - technical jargon in this section!<br />
<br />
You provide PasswordMaker two pieces of information: a "master password" -- that one, single password you like -- and the [http://en.wikipedia.org/wiki/URL URL] of the website requiring a password. Through the magic of [http://en.wikipedia.org/wiki/Cryptographic_hash_function one-way hash algorithms], PasswordMaker calculates a [http://www.rsasecurity.com/rsalabs/node.asp?id=2176 message digest], also known as a [http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/distrib/dsch_key_vzqm.asp digital fingerprint], which can be used as your password for the website. Although one-way hash algorithms have a number of interesting characteristics, the one capitalized by PasswordMaker is that the resulting fingerprint (password) does "not reveal anything about the input that was used to generate it." <sup>[http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#MessageDigest 1]</sup>. In other words, if someone has one or more of your generated passwords, it is ''computationally infeasible'' for him to derive your master password or to calculate your other passwords. Computationally infeasible means even computers [http://www-theorie.physik.unizh.ch/research_groups/astrophysics/images/zbox/zBoxOpenJuly03.jpg like this] won't help! <br />
<br />
==What About Portability?==<br />
<br />
For times when you must use one of the rare platforms to which PasswordMaker hasn't been ported, or are using a system where you can't install any software, there's an [http://passwordmaker.sourceforge.net/passwordmaker.html online version] which mimics the extension and works in all web browsers new and old. No downloads or installations are required.<br />
<br />
The old PasswordMaker website can be found [http://passwordmaker.sourceforge.net/ here]. Please note it is no longer maintained but is present for archival purposes.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=NavTree&diff=1392NavTree2009-12-14T07:32:15Z<p>Eric H. Jung: added link to Google Chrome Edition by Matt Perry</p>
<hr />
<div>[[Donations_and_Expenses|Donations / Expenses]]<br />
{{#tree:openlevels=2|id=MainMenu|root=Main Menu|<br />
* Site<br />
** [[Introduction]]<br />
** [[How it works]]<br />
** [[Screenshots]]<br />
** [[News and Awards]]<br />
<br />
* Editions<br />
** Firefox / Mozilla...<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download|Download]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|Beta Versions]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/GettingStarted|Getting Started]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Advanced|Advanced Usage]]<br />
*** [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks|Tips & Tricks]]<br />
*** [[F.A.Q.#Firefox_.2F_Gecko_edition|FAQ]]<br />
<br />
** [[Javascript]]<br />
** [[Click]]<br />
** [[Opera Widget]]<br />
** [https://chrome.google.com/extensions/detail/doblembglfahhpiilfhajboogopikhcm Google Chrome]<br />
** [[Desktop]]<br />
** [[Yahoo! Widget]]<br />
** [[Command-line]]<br />
** [[PHP / Mobile]]<br />
** [[Mac Widget]]<br />
** [http://passwordmaker.sourceforge.net/passwordmaker.html On-line]<br />
** [http://passwordmaker.sourceforge.net/wallpapers/index.xhtml Wallpapers]<br />
<br />
* Help / Support<br />
** [[F.A.Q.|FAQ]]<br />
** [[Tutorials]]<br />
** [http://forums.passwordmaker.org Forums]<br />
** [http://passwordmaker.sourceforge.net/chat/chat.php Chat Room]<br />
}}<br />
{{#tree:openlevels=0|id=toolbox|root=|<br />
* Tool Box<br />
** [{{fullurl:Special:Whatlinkshere|target={{FULLPAGENAMEE}}}} What links here]<br />
** [{{fullurl:Special:Recentchangeslinked|target={{FULLPAGENAMEE}}}} Related changes]<br />
** [[Special:Upload|Upload file]]<br />
** [[Special:Specialpages|Special pages]]<br />
** [http://wiki.passwordmaker.org/index.php?title={{FULLPAGENAMEE}}&printable=yes Printable version]<br />
** [[Special:Recentchanges|Recent changes]]<br />
}}</div>Eric H. Junghttps://passwordmaker.org/index.php?title=F.A.Q.&diff=1388F.A.Q.2009-10-12T18:40:40Z<p>Eric H. Jung: Reverted edits by 85.240.197.197 (Talk) to last revision by Eric H. Jung</p>
<hr />
<div>== General ==<br />
<br />
=== What browsers/platforms are supported? ===<br />
<br />
*The extension works with some of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
*There was a beta version of PasswordMaker for Internet Explorer 6 and 7, but it was never finished, and is [http://forums.passwordmaker.org/index.php/topic,884.0.html no longer maintained]. It is highly unlikely that there will be any further development on it, unless a sponsor steps forward. If you are interested in sponsoring the Internet Explorer version, please feel free to post a message on the [http://forums.passwordmaker.org/ user forums] and someone will get in touch with you to see if an arrangement can be made.<br />
*There is an [http://passwordmaker.org/passwordmaker.html online version] that works with all browsers (including Internet Explorer and Opera) on all platforms.<br />
*The desktop version is written in [http://trolltech.com QT/C++] and works on [http://www.windows.com Windows], [http://www.apple.com Mac], and Linux/Unix (Actually, any place that QT can be compiled on). The [http://forums.passwordmaker.org/index.php/topic,1376.msg1280429.html#msg1280429 J2ME version] will work on any Java-enabled mobile phone or PDA.<br />
<br />
=== If someone gets my master password, can't he determine all of my generated passwords? ===<br />
<br />
No. There are ten other variables he would need for each account. They are:<br />
* URL<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Probably the most interesting of these is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== Can someone "unscramble" my generated passwords to determine my master password? ===<br />
<br />
This is a common complaint heard about hashed-based password systems (for example, see page two of [http://passwordmaker.org/jhalderman.pdf A Convenient Method for Securely Managing Passwords]). The complaint simply doesn't hold water with PasswordMaker because PasswordMaker adds nine other variables not used in the traditional password=master+url formula. Those nine variables create an enormous search space which would take thousands of years to search, even using a distributed network of one million modern PCs. The nine variables are:<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Of course, the URLs of the sites must also be known since they are used in password calculation. Probably the most interesting of these variables is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== How do the account-settings and algorithm I choose work together to generate passwords? ===<br />
<br />
If you've selected a non-HMAC hash function (those without the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
password = mp + usingURL + username + modifier<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = hash(password, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
password = truncate(password, length)<br />
<br />
If you've selected an HMAC hash function (those with the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
data = usingURL + username + modifier<br><br />
mp = leet(mp, leetlevel) [optional]<br><br />
data = leet(data, leetlevel) [optional]<br><br />
password = hmac_hash(mp, data, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
truncate(password, length)<br />
<br />
Where + is the concatenation operator. mp is the master password, usingURL is the value in "Using URL", and username, counter, prefix, and suffix are optional settings specified in the Account Settings dialog. For HMAC hash functions, mp is the secret key and data is the input text.<br />
<br />
=== Where is my master password stored? ===<br />
<br />
Nowhere, unless you choose the option Store Master Password on disk and in memory (encrypted). If you choose this option, your master password is stored using 256-bit strong encryption in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, [http://kb.mozillazine.org/Profile_folder look here]. For further protection you can instruct your operating system to encrypt passwordmaker.rdf. Instructions on how to do this with Windows XP/2000/NT are [http://support.microsoft.com/kb/307877/EN-US/ here]. Instructions for Mac OS/X Tiger are [http://www.apple.com/macosx/features/filevault/ here].<br />
<br />
=== Where are the generated passwords stored? ===<br />
<br />
Nowhere. The generated passwords are calculated on-the-fly as they are needed. The RAM used to store and calculate the generated passwords is proactively cleared to prevent passwords from being stored in a swap file/virtual memory/paging file.<br />
<br />
=== How do I know PasswordMaker isn't sending my passwords to you without my knowledge? ===<br />
<br />
Although you can read the source code to determine this for yourself, there's an easier way. Install a packet sniffer and use PasswordMaker to generate some passwords. You won't see any traffic to or from PasswordMaker -- ever. It never connects to the internet. Two popular packet sniffers are [http://www.snort.org/ snort] (for Unix/Linux/OSX) and [http://www.lazydogutilities.com/ipprev.htm ipInterceptor] (for Windows). Both tools reveal *all* network traffic, not just HTTP.<br />
<br />
Another way would be if you have a two-way firewall installed. PasswordMaker will never trigger an outbound connection notification from your firewall (although it may trigger an inter-application process notification, depending on the firewall in use).<br />
<br />
=== If I don't want to change all of my passwords, is PasswordMaker still a good choice? ===<br />
<br />
Yes. PasswordMaker provides a secure method for encrypted storage of a specific, user-provided password for a custom Account. This way you can take advantage of PasswordMaker's other features (such as form completion) while still choosing your own passwords.<br />
<br />
To set up a URL/site in this manner, simply go to the login page for the Account that you want to save the password for, create a new (or open the existing) Account for this URL/site, change to ''Advanced Options'' (if you are not already there), click the ''Advanced Auto-Populate'' tab, click '''<u>inside</u>''' the '''password''' field on the login page, click inside the ''Field Value'' field, enter your current password, then click the <i>Add></i> button (just above the list-box for fields), and last but not least, if desired, check ''Auto-populate username and password fields for sites that contain this URL''.<br />
<br />
=== Which hash algorithms are supported? ===<br />
<br />
* MD4<br />
* HMAC-MD4<br />
* MD5<br />
* MD5 (for PasswordMaker v 0.6)<br />
* HMAC-MD5<br />
* HMAC-MD5 (for PasswordMaker v 0.6)<br />
* SHA-1<br />
* HMAC-SHA-1<br />
* SHA-256<br />
* HMAC-SHA-256<br />
* HMAC-SHA-256 (for PasswordMaker v 1.5.1)<br />
* RIPEMD-160<br />
* HMAC-RIPEMD-160<br />
<br />
=== Which hash algorithm should I use? ===<br />
<br />
All of the algorithms are cryptographically strong, but of the algorithms PasswordMaker offers, many people regard SHA-256, HMAC-SHA1, HMAC-MD5 and HMAC-SHA-256 as the strongest.<br />
<br />
=== What about recent press concerning MD5 AND SHA-1 "cracks"? ===<br />
<br />
At Crypto 2004, Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu announced [http://eprint.iacr.org/2004/199.pdf they had found hash collisions] for MD4, MD5, RIPEMD, and HAVAL-128. SHA-1 hash collisions have also been announced. A [http://en.wikipedia.org/wiki/Hash_collision hash collision] means the researchers found two or more messages that yield the same hash with these algorithms. However, it's important to note that the one-way nature of these algorithms has not been undermined. In other words, in the context of PasswordMaker, [http://en.wikipedia.org/wiki/Hash_collision hash collisions] do not empower someone with the ability to derive your master password if they have your generated (hashed) passwords. The hash collision attacks have no relevance to PasswordMaker except there is very small chance someone could choose a different master password than yours which hashes to the same generated password. However, he would still need your username and the URL in order to hack your account.<br />
<br />
=== Do you provide technical support? ===<br />
<br />
Yes! Free technical support is provided on the [http://forums.passwordmaker.org/ user forums], with a response time often measured in minutes, but typically never more than 24 hours.<br />
<br />
=== Where can I find an explanation of each and every feature and function? ===<br />
<br />
Right here!<br />
<br />
=== Do you accept Feature Requests? ===<br />
<br />
Yes, absolutely! Feature requests from people who actually use PasswordMaker is one of the reasons PasswordMaker has a lot of the functionality it now has!<br />
<br />
Our [http://forums.passwordmaker.org user forums] are the best place to get support, and the [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Request List] is the place to make your desires known.<br />
<br />
Please read through all of the existing [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Requests] before posting, because it is very possible that someone else has already done it for you. If so, then by all means post a request to add your vote to it, and any other Feature Requests that sound attractive to you.<br />
<br />
Each registered user gets 5 votes, so please feel free to stop by and add your votes now!<br />
<br />
=== How is PasswordMaker licensed? ===<br />
<br />
PasswordMaker is licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source License. The desktop edition (because of QT) is licensed under the [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GPL] Open Source License.<br />
<br />
The full sources for PasswordMaker can be downloaded from [http://sourceforge.net/projects/passwordmaker here].<br />
<br />
=== What if my computer crashed, and I have to start over from scratch? ===<br />
<br />
Well, as long as you plan ahead and take a few simple precautions, this will not be a problem.<br />
<br />
A more involved discussion of this issue is discussed in this [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks#Super_Security_Tip|<b><u>Super <br />
Security Tip</u></b>]], but for this one single question, it boils down to just understanding how PasswordMaker works, and working out a simple system for how to use it that you can easily remember. In short:<br />
<br />
1. Figure out how you want to Group your accounts. It is recommended to keep your high-security accounts (e.g., financial) in a separate Group or Groups,<br />
<br />
2. Create a 'template' Account in each Group, that has the Settings configured the way you want for those Accounts, and 'Copy Account' to create a new Account in that Group with the correct settings already configured, and<br />
<br />
3. Modify the Defaults settings, and the settings your Group Template Accounts mentioned in #2 above, in such a way that would be difficult to guess how you had modified them, but easily reproducible by you if it became necessary.<br />
<br />
A little thoughtful planning will go a long way.<br />
<br />
=== What if I forget my Master Password? ===<br />
<br />
You're out of luck... so don't forget it.<br />
<br />
Seriously, since this password is not stored anywhere (unless you have told it to do so), there is nothing to recover. There is, however, one exception to this rule. If you have stored your Master Password on Disk, it is possible to discover it by doing the following:<br />
<br />
* open a web page to the following link:<br />
http://passwordmaker.org/decrypt.htm<br />
* find/open your RDF file,<br />
* find the 'globalSettings' section,<br />
* one at a time, copy/paste the values from the two following lines:<br />
<br />
NS1:masterPassword="CopyWhateverIsHere"<br><br />
NS1:masterPasswordKey="AndHereToo"<br />
<br />
into the appropriate boxes on the page you opened, then click the 'Decrypt' button.<br />
<br />
The Master Password that is stored on disk will be revealed in the 'Decrypted Master Password' box.<br />
<br />
== Firefox / Gecko edition ==<br />
<br />
=== Where is account information and other settings stored? ===<br />
<br />
Everything is stored in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, look [http://kb.mozillazine.org/Profile_folder here].<br />
<br />
=== How does PasswordMaker defeat keyloggers? ===<br />
<br />
Keyloggers work by tracing every key typed on the keyboard. With PasswordMaker, you never type anything but your master password (and if you choose <i>Store Master Password on disk and in memory (encrypted)</i>, you only type that <b>once</b>). The <b>real</b> passwords (generated ones) are never typed, so keyloggers never detect them!<br />
<br />
=== How does PasswordMaker defeat phishing attacks? ===<br />
<br />
Most phishing attacks occur when you navigate to a URL which appears to be that of a site that you trust, but actually is owned by an attacker. For example, you might navigate to http://www.bc1.lu/ instead of the Bank of Luxembourg's legitimate URL, http://www.bcl.lu/. The only difference between these two URLs is the lower-case letter <b>L</b> (used by the legitimate site) and the number <b>1</b> (used by the deceptive site). The attacker's intent is to get you to enter your username/password credentials on his deceptive site. He can then use those credentials on the legitimite site to do nefarious things.<br />
<br />
If you use PasswordMaker, you'll be safe and secure. This is because the password it generates is based on the URL to which you've navigated. The password generated at a deceptive site is completely different than the one generated at a legitimite site (because their URLs differ, even if by one character). You might still be fooled into thinking http://www.bc1.lu/ is the Bank of Luxembourg, but the attacker will get the wrong password if you use PasswordMaker.<br />
<br />
=== I want to use the same password for more than one site. Is this possible? ===<br />
<br />
Yes! Let's suppose you want a Yahoo! account to use the same password as a gMail account. Go to the <i>Advanced Options</i> dialog and create a new account. Click on the <b>URLs</b> tab, and add a second pattern that will match the gMail login URL - in fact, you can add as many patterns as you want to match for this account, and they will all use the same password! The only caveat to this is, if they have different usernames, PasswordMaker won't be able to automatically populate the usernames for you, because you can only define one username per account - but if they all share the same username, PasswordMaker will populate everything automatically for you for all of them. That's it!<br />
<br />
=== Can PasswordMaker accommodate sites that force me to change passwords periodically? ===<br />
<br />
Yes! Go to the Advanced Options dialog and create a new account. In the <i>When URL Contains</i> field, type <b>mybank.com</b>. In the <i>Use the following text...</i> field, type <b>'mybank.com'</b>. In the <i>Modifier</i> field, type any text (such as a date or number) that you wish to change over time. For instance, you could type <b>September 2007</b>. When October comes and the bank expires your password, simply change the Counter to <b>October 2007</b>. You might instead choose to use an incrementing number. For example, <b>1</b> for this month, <b>2</b> for the next month, etc. Any text that you enter in the <i>Counter</i> field will vary the password.<br />
<br />
=== Why doesn't PasswordMaker fill in the username on a site? ===<br />
<br />
Each site can use a different label for identifying the username field, and not all can be found. Currently the best way to handle this is to use the ''Advanced Auto-Populate'' tab.<br />
<br />
=== Can I share my settings between multiple computers? ===<br />
<br />
PasswordMaker has "Export Settings" and "Import Settings" options, as well as the ability to upload/download your RDF file to/from an FTP site.<br />
<br />
Exporting the settings saves them to a file (with the option to include/exclude the master password in encrypted form), while importing settings takes a file and imports its contents as if you'd manually entered them. You can synchronize two or more PCs this way.<br />
<br />
There are plans to optionally save this file on an FTP site so you don't need to transport it across PCs, but you can always opt-out of this. In the meantime, you can store exported settings centrally somewhere yourself (like your web-based email account) to make it easy to import them from anywhere.<br />
<br />
=== How can I change PasswordMaker's shortcuts (ctrl-` and alt-`) to something else? ===<br />
<br />
Install the [http://mozilla.dorando.at/keyconfig.xpi KeyConfig Extension]. Scroll down to the PasswordMaker entry and change the shortcuts to anything you like. Changes won't take effect until you restart Firefox/Mozilla.<br />
<br />
=== How can I turn off the toolbar icons for Mozilla and Netscape? ===<br />
<br />
You can turn it off (and back on again) by creating the new boolean preferences browser.toolbars.showbutton.passwordmaker and browser.toolbars.showbutton.passwordmaker-key in about:config or user.js with the value of true or false. Make sure to restart all browsers after making the change.<br />
<br />
=== How do I uninstall PasswordMaker? ===<br />
<br />
If you're using Firefox, it's quite simple. Select Tools -> Extensions, select PasswordMaker and click the Uninstall button.<br />
<br />
If you're using Mozilla or Netscape, it's as simple as deleting two files and one directory:<br />
<br />
* If you installed PasswordMaker to a profile, locate that profile's directory (read this if you don't know how to find it). If you installed PasswordMaker to the browser directory, locate your Mozilla or Netscape installation directory (read [http://kb.mozillazine.org/Profile_folder this] if you don't know how to find it).If you don't know where you installed PasswordMaker, try to remember how you answered this prompt when installation began:<br />
[[Image:mozilla-install.jpg]]<br />
<br />
The rest of these directions refer to the path you've identified as path.<br />
<br />
* Delete the file /path/chrome.rdf. This file is automatically regenerated the next time you start Mozilla or Netscape.<br />
* Delete the file /path/chrome/passwdmaker.jar<br />
* Delete the directory /path/chrome/overlayinfo. This directory is automatically recreated the next time you start Mozilla or Netscape. If you restart and this directory hasn't been recreated, don't worry: it just means you don't have any other extensions, themes, or skins installed.<br />
<br />
== Desktop edition ==<br />
<br />
== Javascript edition ==<br />
<br />
== Yahoo! Widget edition ==<br />
<br />
== Command-line edition ==<br />
<br />
== PHP / Mobile edition ==<br />
<br />
== On-line edition ==</div>Eric H. Junghttps://passwordmaker.org/index.php?title=F.A.Q.&diff=1386F.A.Q.2009-10-10T21:58:16Z<p>Eric H. Jung: Reverted edits by 98.226.195.127 (Talk) to last revision by Eric H. Jung</p>
<hr />
<div>== General ==<br />
<br />
=== What browsers/platforms are supported? ===<br />
<br />
*The extension works with some of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
*There was a beta version of PasswordMaker for Internet Explorer 6 and 7, but it was never finished, and is [http://forums.passwordmaker.org/index.php/topic,884.0.html no longer maintained]. It is highly unlikely that there will be any further development on it, unless a sponsor steps forward. If you are interested in sponsoring the Internet Explorer version, please feel free to post a message on the [http://forums.passwordmaker.org/ user forums] and someone will get in touch with you to see if an arrangement can be made.<br />
*There is an [http://passwordmaker.org/passwordmaker.html online version] that works with all browsers (including Internet Explorer and Opera) on all platforms.<br />
*The desktop version is written in [http://trolltech.com QT/C++] and works on [http://www.windows.com Windows], [http://www.apple.com Mac], and Linux/Unix (Actually, any place that QT can be compiled on). The [http://forums.passwordmaker.org/index.php/topic,1376.msg1280429.html#msg1280429 J2ME version] will work on any Java-enabled mobile phone or PDA.<br />
<br />
=== If someone gets my master password, can't he determine all of my generated passwords? ===<br />
<br />
No. There are ten other variables he would need for each account. They are:<br />
* URL<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Probably the most interesting of these is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== Can someone "unscramble" my generated passwords to determine my master password? ===<br />
<br />
This is a common complaint heard about hashed-based password systems (for example, see page two of [http://passwordmaker.org/jhalderman.pdf A Convenient Method for Securely Managing Passwords]). The complaint simply doesn't hold water with PasswordMaker because PasswordMaker adds nine other variables not used in the traditional password=master+url formula. Those nine variables create an enormous search space which would take thousands of years to search, even using a distributed network of one million modern PCs. The nine variables are:<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Of course, the URLs of the sites must also be known since they are used in password calculation. Probably the most interesting of these variables is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== How do the account-settings and algorithm I choose work together to generate passwords? ===<br />
<br />
If you've selected a non-HMAC hash function (those without the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
password = mp + usingURL + username + modifier<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = hash(password, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
password = truncate(password, length)<br />
<br />
If you've selected an HMAC hash function (those with the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
data = usingURL + username + modifier<br><br />
mp = leet(mp, leetlevel) [optional]<br><br />
data = leet(data, leetlevel) [optional]<br><br />
password = hmac_hash(mp, data, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
truncate(password, length)<br />
<br />
Where + is the concatenation operator. mp is the master password, usingURL is the value in "Using URL", and username, counter, prefix, and suffix are optional settings specified in the Account Settings dialog. For HMAC hash functions, mp is the secret key and data is the input text.<br />
<br />
=== Where is my master password stored? ===<br />
<br />
Nowhere, unless you choose the option Store Master Password on disk and in memory (encrypted). If you choose this option, your master password is stored using 256-bit strong encryption in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, [http://kb.mozillazine.org/Profile_folder look here]. For further protection you can instruct your operating system to encrypt passwordmaker.rdf. Instructions on how to do this with Windows XP/2000/NT are [http://support.microsoft.com/kb/307877/EN-US/ here]. Instructions for Mac OS/X Tiger are [http://www.apple.com/macosx/features/filevault/ here].<br />
<br />
=== Where are the generated passwords stored? ===<br />
<br />
Nowhere. The generated passwords are calculated on-the-fly as they are needed. The RAM used to store and calculate the generated passwords is proactively cleared to prevent passwords from being stored in a swap file/virtual memory/paging file.<br />
<br />
=== How do I know PasswordMaker isn't sending my passwords to you without my knowledge? ===<br />
<br />
Although you can read the source code to determine this for yourself, there's an easier way. Install a packet sniffer and use PasswordMaker to generate some passwords. You won't see any traffic to or from PasswordMaker -- ever. It never connects to the internet. Two popular packet sniffers are [http://www.snort.org/ snort] (for Unix/Linux/OSX) and [http://www.lazydogutilities.com/ipprev.htm ipInterceptor] (for Windows). Both tools reveal *all* network traffic, not just HTTP.<br />
<br />
Another way would be if you have a two-way firewall installed. PasswordMaker will never trigger an outbound connection notification from your firewall (although it may trigger an inter-application process notification, depending on the firewall in use).<br />
<br />
=== If I don't want to change all of my passwords, is PasswordMaker still a good choice? ===<br />
<br />
Yes. PasswordMaker provides a secure method for encrypted storage of a specific, user-provided password for a custom Account. This way you can take advantage of PasswordMaker's other features (such as form completion) while still choosing your own passwords.<br />
<br />
To set up a URL/site in this manner, simply go to the login page for the Account that you want to save the password for, create a new (or open the existing) Account for this URL/site, change to ''Advanced Options'' (if you are not already there), click the ''Advanced Auto-Populate'' tab, click '''<u>inside</u>''' the '''password''' field on the login page, click inside the ''Field Value'' field, enter your current password, then click the <i>Add></i> button (just above the list-box for fields), and last but not least, if desired, check ''Auto-populate username and password fields for sites that contain this URL''.<br />
<br />
=== Which hash algorithms are supported? ===<br />
<br />
* MD4<br />
* HMAC-MD4<br />
* MD5<br />
* MD5 (for PasswordMaker v 0.6)<br />
* HMAC-MD5<br />
* HMAC-MD5 (for PasswordMaker v 0.6)<br />
* SHA-1<br />
* HMAC-SHA-1<br />
* SHA-256<br />
* HMAC-SHA-256<br />
* HMAC-SHA-256 (for PasswordMaker v 1.5.1)<br />
* RIPEMD-160<br />
* HMAC-RIPEMD-160<br />
<br />
=== Which hash algorithm should I use? ===<br />
<br />
All of the algorithms are cryptographically strong, but of the algorithms PasswordMaker offers, many people regard SHA-256, HMAC-SHA1, HMAC-MD5 and HMAC-SHA-256 as the strongest.<br />
<br />
=== What about recent press concerning MD5 AND SHA-1 "cracks"? ===<br />
<br />
At Crypto 2004, Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu announced [http://eprint.iacr.org/2004/199.pdf they had found hash collisions] for MD4, MD5, RIPEMD, and HAVAL-128. SHA-1 hash collisions have also been announced. A [http://en.wikipedia.org/wiki/Hash_collision hash collision] means the researchers found two or more messages that yield the same hash with these algorithms. However, it's important to note that the one-way nature of these algorithms has not been undermined. In other words, in the context of PasswordMaker, [http://en.wikipedia.org/wiki/Hash_collision hash collisions] do not empower someone with the ability to derive your master password if they have your generated (hashed) passwords. The hash collision attacks have no relevance to PasswordMaker except there is very small chance someone could choose a different master password than yours which hashes to the same generated password. However, he would still need your username and the URL in order to hack your account.<br />
<br />
=== Do you provide technical support? ===<br />
<br />
Yes! Free technical support is provided on the [http://forums.passwordmaker.org/ user forums], with a response time often measured in minutes, but typically never more than 24 hours.<br />
<br />
=== Where can I find an explanation of each and every feature and function? ===<br />
<br />
Right here!<br />
<br />
=== Do you accept Feature Requests? ===<br />
<br />
Yes, absolutely! Feature requests from people who actually use PasswordMaker is one of the reasons PasswordMaker has a lot of the functionality it now has!<br />
<br />
Our [http://forums.passwordmaker.org user forums] are the best place to get support, and the [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Request List] is the place to make your desires known.<br />
<br />
Please read through all of the existing [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Requests] before posting, because it is very possible that someone else has already done it for you. If so, then by all means post a request to add your vote to it, and any other Feature Requests that sound attractive to you.<br />
<br />
Each registered user gets 5 votes, so please feel free to stop by and add your votes now!<br />
<br />
=== How is PasswordMaker licensed? ===<br />
<br />
PasswordMaker is licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source License. The desktop edition (because of QT) is licensed under the [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GPL] Open Source License.<br />
<br />
The full sources for PasswordMaker can be downloaded from [http://sourceforge.net/projects/passwordmaker here].<br />
<br />
=== What if my computer crashed, and I have to start over from scratch? ===<br />
<br />
Well, as long as you plan ahead and take a few simple precautions, this will not be a problem.<br />
<br />
A more involved discussion of this issue is discussed in this [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks#Super_Security_Tip|<b><u>Super <br />
Security Tip</u></b>]], but for this one single question, it boils down to just understanding how PasswordMaker works, and working out a simple system for how to use it that you can easily remember. In short:<br />
<br />
1. Figure out how you want to Group your accounts. It is recommended to keep your high-security accounts (e.g., financial) in a separate Group or Groups,<br />
<br />
2. Create a 'template' Account in each Group, that has the Settings configured the way you want for those Accounts, and 'Copy Account' to create a new Account in that Group with the correct settings already configured, and<br />
<br />
3. Modify the Defaults settings, and the settings your Group Template Accounts mentioned in #2 above, in such a way that would be difficult to guess how you had modified them, but easily reproducible by you if it became necessary.<br />
<br />
A little thoughtful planning will go a long way.<br />
<br />
=== What if I forget my Master Password? ===<br />
<br />
You're out of luck... so don't forget it.<br />
<br />
Seriously, since this password is not stored anywhere (unless you have told it to do so), there is nothing to recover. There is, however, one exception to this rule. If you have stored your Master Password on Disk, it is possible to discover it by doing the following:<br />
<br />
* open a web page to the following link:<br />
http://passwordmaker.org/decrypt.htm<br />
* find/open your RDF file,<br />
* find the 'globalSettings' section,<br />
* one at a time, copy/paste the values from the two following lines:<br />
<br />
NS1:masterPassword="CopyWhateverIsHere"<br><br />
NS1:masterPasswordKey="AndHereToo"<br />
<br />
into the appropriate boxes on the page you opened, then click the 'Decrypt' button.<br />
<br />
The Master Password that is stored on disk will be revealed in the 'Decrypted Master Password' box.<br />
<br />
== Firefox / Gecko edition ==<br />
<br />
=== Where is account information and other settings stored? ===<br />
<br />
Everything is stored in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, look [http://kb.mozillazine.org/Profile_folder here].<br />
<br />
=== How does PasswordMaker defeat keyloggers? ===<br />
<br />
Keyloggers work by tracing every key typed on the keyboard. With PasswordMaker, you never type anything but your master password (and if you choose <i>Store Master Password on disk and in memory (encrypted)</i>, you only type that <b>once</b>). The <b>real</b> passwords (generated ones) are never typed, so keyloggers never detect them!<br />
<br />
=== How does PasswordMaker defeat phishing attacks? ===<br />
<br />
Most phishing attacks occur when you navigate to a URL which appears to be that of a site that you trust, but actually is owned by an attacker. For example, you might navigate to http://www.bc1.lu/ instead of the Bank of Luxembourg's legitimate URL, http://www.bcl.lu/. The only difference between these two URLs is the lower-case letter <b>L</b> (used by the legitimate site) and the number <b>1</b> (used by the deceptive site). The attacker's intent is to get you to enter your username/password credentials on his deceptive site. He can then use those credentials on the legitimite site to do nefarious things.<br />
<br />
If you use PasswordMaker, you'll be safe and secure. This is because the password it generates is based on the URL to which you've navigated. The password generated at a deceptive site is completely different than the one generated at a legitimite site (because their URLs differ, even if by one character). You might still be fooled into thinking http://www.bc1.lu/ is the Bank of Luxembourg, but the attacker will get the wrong password if you use PasswordMaker.<br />
<br />
=== I want to use the same password for more than one site. Is this possible? ===<br />
<br />
Yes! Let's suppose you want a Yahoo! account to use the same password as a gMail account. Go to the <i>Advanced Options</i> dialog and create a new account. Click on the <b>URLs</b> tab, and add a second pattern that will match the gMail login URL - in fact, you can add as many patterns as you want to match for this account, and they will all use the same password! The only caveat to this is, if they have different usernames, PasswordMaker won't be able to automatically populate the usernames for you, because you can only define one username per account - but if they all share the same username, PasswordMaker will populate everything automatically for you for all of them. That's it!<br />
<br />
=== Can PasswordMaker accommodate sites that force me to change passwords periodically? ===<br />
<br />
Yes! Go to the Advanced Options dialog and create a new account. In the <i>When URL Contains</i> field, type <b>mybank.com</b>. In the <i>Use the following text...</i> field, type <b>'mybank.com'</b>. In the <i>Modifier</i> field, type any text (such as a date or number) that you wish to change over time. For instance, you could type <b>September 2007</b>. When October comes and the bank expires your password, simply change the Counter to <b>October 2007</b>. You might instead choose to use an incrementing number. For example, <b>1</b> for this month, <b>2</b> for the next month, etc. Any text that you enter in the <i>Counter</i> field will vary the password.<br />
<br />
=== Why doesn't PasswordMaker fill in the username on a site? ===<br />
<br />
Each site can use a different label for identifying the username field, and not all can be found. Currently the best way to handle this is to use the ''Advanced Auto-Populate'' tab.<br />
<br />
=== Can I share my settings between multiple computers? ===<br />
<br />
PasswordMaker has "Export Settings" and "Import Settings" options, as well as the ability to upload/download your RDF file to/from an FTP site.<br />
<br />
Exporting the settings saves them to a file (with the option to include/exclude the master password in encrypted form), while importing settings takes a file and imports its contents as if you'd manually entered them. You can synchronize two or more PCs this way.<br />
<br />
There are plans to optionally save this file on an FTP site so you don't need to transport it across PCs, but you can always opt-out of this. In the meantime, you can store exported settings centrally somewhere yourself (like your web-based email account) to make it easy to import them from anywhere.<br />
<br />
=== How can I change PasswordMaker's shortcuts (ctrl-` and alt-`) to something else? ===<br />
<br />
Install the [http://mozilla.dorando.at/keyconfig.xpi KeyConfig Extension]. Scroll down to the PasswordMaker entry and change the shortcuts to anything you like. Changes won't take effect until you restart Firefox/Mozilla.<br />
<br />
=== How can I turn off the toolbar icons for Mozilla and Netscape? ===<br />
<br />
You can turn it off (and back on again) by creating the new boolean preferences browser.toolbars.showbutton.passwordmaker and browser.toolbars.showbutton.passwordmaker-key in about:config or user.js with the value of true or false. Make sure to restart all browsers after making the change.<br />
<br />
=== How do I uninstall PasswordMaker? ===<br />
<br />
If you're using Firefox, it's quite simple. Select Tools -> Extensions, select PasswordMaker and click the Uninstall button.<br />
<br />
If you're using Mozilla or Netscape, it's as simple as deleting two files and one directory:<br />
<br />
* If you installed PasswordMaker to a profile, locate that profile's directory (read this if you don't know how to find it). If you installed PasswordMaker to the browser directory, locate your Mozilla or Netscape installation directory (read [http://kb.mozillazine.org/Profile_folder this] if you don't know how to find it).If you don't know where you installed PasswordMaker, try to remember how you answered this prompt when installation began:<br />
[[Image:mozilla-install.jpg]]<br />
<br />
The rest of these directions refer to the path you've identified as path.<br />
<br />
* Delete the file /path/chrome.rdf. This file is automatically regenerated the next time you start Mozilla or Netscape.<br />
* Delete the file /path/chrome/passwdmaker.jar<br />
* Delete the directory /path/chrome/overlayinfo. This directory is automatically recreated the next time you start Mozilla or Netscape. If you restart and this directory hasn't been recreated, don't worry: it just means you don't have any other extensions, themes, or skins installed.<br />
<br />
== Desktop edition ==<br />
<br />
== Javascript edition ==<br />
<br />
== Yahoo! Widget edition ==<br />
<br />
== Command-line edition ==<br />
<br />
== PHP / Mobile edition ==<br />
<br />
== On-line edition ==</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta&diff=1376Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta2009-08-05T01:40:55Z<p>Eric H. Jung: /* Beta Versions for Firefox/Mozilla/Netscape/Flock/SeaMonkey */</p>
<hr />
<div>__TOC__<br />
<br />
==Beta Versions for Firefox/Mozilla/Netscape/Flock/SeaMonkey==<br />
<br />
===1.7.3 beta 1===<br />
[[Media:Passwdmaker-1.7.3b1.xpi|Download]] - 249kb.<br />
<br />
[http://leahscape.com/passwdmaker-1.7.3b1.xpi Other download link]<br />
<br />
====Release Notes====<br />
*Fixed bug whereby regular expression characters that appear in URLS can interfere with wildcard patterns<br />
*Fixed autopopulate issue in Firefox 3.5 with Netflix<br />
*Internal version bumps to natively support up to Firefox 3.6a1pre, Seamonkey 2.1a1pre, and Flock 2.0.*<br />
<br />
<br />
<!--<br />
<br />
===1.7.2 beta 2===<br />
[[Media:Passwdmaker-1.7.2b2.xpi|Download]] - 249kb.<br />
<br />
====Release Notes====<br />
*Fixed save master password to memory and disk--></div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta&diff=1375Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta2009-08-05T01:35:44Z<p>Eric H. Jung: added link to 1.7.3b1</p>
<hr />
<div>__TOC__<br />
<br />
==Beta Versions for Firefox/Mozilla/Netscape/Flock/SeaMonkey==<br />
<br />
There is currently no beta versions to test.<br />
<br />
<br />
===1.7.3 beta 1===<br />
[[Media:Passwdmaker-1.7.3b1.xpi|Download]] - 249kb.<br />
<br />
====Release Notes====<br />
*Fixed bug whereby regular expression characters that appear in URLS can interfere with wildcard patterns<br />
*Fixed autopopulate issue in Firefox 3.5 with Netflix<br />
*Internal version bumps to natively support up to Firefox 3.6a1pre, Seamonkey 2.1a1pre, and Flock 2.0.*<br />
<br />
<br />
<!--<br />
<br />
===1.7.2 beta 2===<br />
[[Media:Passwdmaker-1.7.2b2.xpi|Download]] - 249kb.<br />
<br />
====Release Notes====<br />
*Fixed save master password to memory and disk--></div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download&diff=1374Firefox/Mozilla/SeaMonkey/Flock/Netscape/Download2009-08-05T01:31:05Z<p>Eric H. Jung: removed version numbers from beta so we don't have to keep updating this page</p>
<hr />
<div>==Download PasswordMaker for Firefox/Mozilla/SeaMonkey/Flock/Netscape==<br />
PasswordMaker 1.7.2 can be downloaded securely from [https://addons.mozilla.org/en-US/firefox/addon/469 here].<br />
<br />
<br />
*Version history and release notes can be found [https://addons.mozilla.org/en-US/firefox/addons/versions/469 here]. Release notes for versions 1.6.1 and earlier can be found [http://passwordmaker.sourceforge.net/installation2.html here].<br />
<br />
*Beta versions can be found [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Beta|here]].</div>Eric H. Junghttps://passwordmaker.org/index.php?title=F.A.Q.&diff=1349F.A.Q.2009-04-25T20:19:12Z<p>Eric H. Jung: fixed link</p>
<hr />
<div>== General ==<br />
<br />
=== What browsers/platforms are supported? ===<br />
<br />
*The extension works with some of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
*There was a beta version of PasswordMaker for Internet Explorer 6 and 7, but it was never finished, and is [http://forums.passwordmaker.org/index.php/topic,884.0.html no longer maintained]. It is highly unlikely that there will be any further development on it, unless a sponsor steps forward. If you are interested in sponsoring the Internet Explorer version, please feel free to post a message on the [http://forums.passwordmaker.org/ user forums] and someone will get in touch with you to see if an arrangement can be made.<br />
*There is an [http://passwordmaker.org/passwordmaker.html online version] that works with all browsers (including Internet Explorer and Opera) on all platforms.<br />
*The desktop version is written in [http://trolltech.com QT/C++] and works on [http://www.windows.com Windows], [http://www.apple.com Mac], and Linux/Unix (Actually, any place that QT can be compiled on). The [http://forums.passwordmaker.org/index.php/topic,1376.msg1280429.html#msg1280429 J2ME version] will work on any Java-enabled mobile phone or PDA.<br />
<br />
=== If someone gets my master password, can't he determine all of my generated passwords? ===<br />
<br />
No. There are ten other variables he would need for each account. They are:<br />
* URL<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Probably the most interesting of these is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== Can someone "unscramble" my generated passwords to determine my master password? ===<br />
<br />
This is a common complaint heard about hashed-based password systems (for example, see page two of [http://passwordmaker.org/jhalderman.pdf A Convenient Method for Securely Managing Passwords]). The complaint simply doesn't hold water with PasswordMaker because PasswordMaker adds nine other variables not used in the traditional password=master+url formula. Those nine variables create an enormous search space which would take thousands of years to search, even using a distributed network of one million modern PCs. The nine variables are:<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Of course, the URLs of the sites must also be known since they are used in password calculation. Probably the most interesting of these variables is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== How do the account-settings and algorithm I choose work together to generate passwords? ===<br />
<br />
If you've selected a non-HMAC hash function (those without the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
password = mp + usingURL + username + modifier<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = hash(password, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
password = truncate(password, length)<br />
<br />
If you've selected an HMAC hash function (those with the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
data = usingURL + username + modifier<br><br />
mp = leet(mp, leetlevel) [optional]<br><br />
data = leet(data, leetlevel) [optional]<br><br />
password = hmac_hash(mp, data, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
truncate(password, length)<br />
<br />
Where + is the concatenation operator. mp is the master password, usingURL is the value in "Using URL", and username, counter, prefix, and suffix are optional settings specified in the Account Settings dialog. For HMAC hash functions, mp is the secret key and data is the input text.<br />
<br />
=== Where is my master password stored? ===<br />
<br />
Nowhere, unless you choose the option Store Master Password on disk and in memory (encrypted). If you choose this option, your master password is stored using 256-bit strong encryption in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, [http://kb.mozillazine.org/Profile_folder look here]. For further protection you can instruct your operating system to encrypt passwordmaker.rdf. Instructions on how to do this with Windows XP/2000/NT are [http://support.microsoft.com/kb/307877/EN-US/ here]. Instructions for Mac OS/X Tiger are [http://www.apple.com/macosx/features/filevault/ here].<br />
<br />
=== Where are the generated passwords stored? ===<br />
<br />
Nowhere. The generated passwords are calculated on-the-fly as they are needed. The RAM used to store and calculate the generated passwords is proactively cleared to prevent passwords from being stored in a swap file/virtual memory/paging file.<br />
<br />
=== How do I know PasswordMaker isn't sending my passwords to you without my knowledge? ===<br />
<br />
Although you can read the source code to determine this for yourself, there's an easier way. Install a packet sniffer and use PasswordMaker to generate some passwords. You won't see any traffic to or from PasswordMaker -- ever. It never connects to the internet. Two popular packet sniffers are [http://www.snort.org/ snort] (for Unix/Linux/OSX) and [http://www.lazydogutilities.com/ipprev.htm ipInterceptor] (for Windows). Both tools reveal *all* network traffic, not just HTTP.<br />
<br />
Another way would be if you have a two-way firewall installed. PasswordMaker will never trigger an outbound connection notification from your firewall (although it may trigger an inter-application process notification, depending on the firewall in use).<br />
<br />
=== If I don't want to change all of my passwords, is PasswordMaker still a good choice? ===<br />
<br />
Yes. PasswordMaker provides a secure method for encrypted storage of a specific, user-provided password for a custom Account. This way you can take advantage of PasswordMaker's other features (such as form completion) while still choosing your own passwords.<br />
<br />
To set up a URL/site in this manner, simply go to the login page for the Account that you want to save the password for, create a new (or open the existing) Account for this URL/site, change to ''Advanced Options'' (if you are not already there), click the ''Advanced Auto-Populate'' tab, click '''<u>inside</u>''' the '''password''' field on the login page, click inside the ''Field Value'' field, enter your current password, then click the <i>Add></i> button (just above the list-box for fields), and last but not least, if desired, check ''Auto-populate username and password fields for sites that contain this URL''.<br />
<br />
=== Which hash algorithms are supported? ===<br />
<br />
* MD4<br />
* HMAC-MD4<br />
* MD5<br />
* MD5 (for PasswordMaker v 0.6)<br />
* HMAC-MD5<br />
* HMAC-MD5 (for PasswordMaker v 0.6)<br />
* SHA-1<br />
* HMAC-SHA-1<br />
* SHA-256<br />
* HMAC-SHA-256<br />
* HMAC-SHA-256 (for PasswordMaker v 1.5.1)<br />
* RIPEMD-160<br />
* HMAC-RIPEMD-160<br />
<br />
=== Which hash algorithm should I use? ===<br />
<br />
All of the algorithms are cryptographically strong, but of the algorithms PasswordMaker offers, many people regard SHA-256, HMAC-SHA1, HMAC-MD5 and HMAC-SHA-256 as the strongest.<br />
<br />
=== What about recent press concerning MD5 AND SHA-1 "cracks"? ===<br />
<br />
At Crypto 2004, Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu announced [http://eprint.iacr.org/2004/199.pdf they had found hash collisions] for MD4, MD5, RIPEMD, and HAVAL-128. SHA-1 hash collisions have also been announced. A [http://en.wikipedia.org/wiki/Hash_collision hash collision] means the researchers found two or more messages that yield the same hash with these algorithms. However, it's important to note that the one-way nature of these algorithms has not been undermined. In other words, in the context of PasswordMaker, [http://en.wikipedia.org/wiki/Hash_collision hash collisions] do not empower someone with the ability to derive your master password if they have your generated (hashed) passwords. The hash collision attacks have no relevance to PasswordMaker except there is very small chance someone could choose a different master password than yours which hashes to the same generated password. However, he would still need your username and the URL in order to hack your account.<br />
<br />
=== Do you provide technical support? ===<br />
<br />
Yes! Free technical support is provided on the [http://forums.passwordmaker.org/ user forums], with a response time often measured in minutes, but typically never more than 24 hours.<br />
<br />
=== Where can I find an explanation of each and every feature and function? ===<br />
<br />
Right here!<br />
<br />
=== Do you accept Feature Requests? ===<br />
<br />
Yes, absolutely! Feature requests from people who actually use PasswordMaker is one of the reasons PasswordMaker has a lot of the functionality it now has!<br />
<br />
Our [http://forums.passwordmaker.org user forums] are the best place to get support, and the [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Request List] is the place to make your desires known.<br />
<br />
Please read through all of the existing [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Requests] before posting, because it is very possible that someone else has already done it for you. If so, then by all means post a request to add your vote to it, and any other Feature Requests that sound attractive to you.<br />
<br />
Each registered user gets 5 votes, so please feel free to stop by and add your votes now!<br />
<br />
=== How is PasswordMaker licensed? ===<br />
<br />
PasswordMaker is licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source License. The desktop edition (because of QT) is licensed under the [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GPL] Open Source License.<br />
<br />
The full sources for PasswordMaker can be downloaded from [http://sourceforge.net/projects/passwordmaker here].<br />
<br />
=== What if my computer crashed, and I have to start over from scratch? ===<br />
<br />
Well, as long as you plan ahead and take a few simple precautions, this will not be a problem.<br />
<br />
A more involved discussion of this issue is discussed in this [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks#Super_Security_Tip|<b><u>Super <br />
Security Tip</u></b>]], but for this one single question, it boils down to just understanding how PasswordMaker works, and working out a simple system for how to use it that you can easily remember. In short:<br />
<br />
1. Figure out how you want to Group your accounts. It is recommended to keep your high-security accounts (e.g., financial) in a separate Group or Groups,<br />
<br />
2. Create a 'template' Account in each Group, that has the Settings configured the way you want for those Accounts, and 'Copy Account' to create a new Account in that Group with the correct settings already configured, and<br />
<br />
3. Modify the Defaults settings, and the settings your Group Template Accounts mentioned in #2 above, in such a way that would be difficult to guess how you had modified them, but easily reproducible by you if it became necessary.<br />
<br />
A little thoughtful planning will go a long way.<br />
<br />
=== What if I forget my Master Password? ===<br />
<br />
You're out of luck... so don't forget it.<br />
<br />
Seriously, since this password is not stored anywhere (unless you have told it to do so), there is nothing to recover. There is, however, one exception to this rule. If you have stored your Master Password on Disk, it is possible to discover it by doing the following:<br />
<br />
* open a web page to the following link:<br />
http://passwordmaker.org/decrypt.htm<br />
* find/open your RDF file,<br />
* find the 'globalSettings' section,<br />
* one at a time, copy/paste the values from the two following lines:<br />
<br />
NS1:masterPassword="CopyWhateverIsHere"<br><br />
NS1:masterPasswordKey="AndHereToo"<br />
<br />
into the appropriate boxes on the page you opened, then click the 'Decrypt' button.<br />
<br />
The Master Password that is stored on disk will be revealed in the 'Decrypted Master Password' box.<br />
<br />
== Firefox / Gecko edition ==<br />
<br />
=== Where is account information and other settings stored? ===<br />
<br />
Everything is stored in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, look [http://kb.mozillazine.org/Profile_folder here].<br />
<br />
=== How does PasswordMaker defeat keyloggers? ===<br />
<br />
Keyloggers work by tracing every key typed on the keyboard. With PasswordMaker, you never type anything but your master password (and if you choose <i>Store Master Password on disk and in memory (encrypted)</i>, you only type that <b>once</b>). The <b>real</b> passwords (generated ones) are never typed, so keyloggers never detect them!<br />
<br />
=== How does PasswordMaker defeat phishing attacks? ===<br />
<br />
Most phishing attacks occur when you navigate to a URL which appears to be that of a site that you trust, but actually is owned by an attacker. For example, you might navigate to http://www.bc1.lu/ instead of the Bank of Luxembourg's legitimate URL, http://www.bcl.lu/. The only difference between these two URLs is the lower-case letter <b>L</b> (used by the legitimate site) and the number <b>1</b> (used by the deceptive site). The attacker's intent is to get you to enter your username/password credentials on his deceptive site. He can then use those credentials on the legitimite site to do nefarious things.<br />
<br />
If you use PasswordMaker, you'll be safe and secure. This is because the password it generates is based on the URL to which you've navigated. The password generated at a deceptive site is completely different than the one generated at a legitimite site (because their URLs differ, even if by one character). You might still be fooled into thinking http://www.bc1.lu/ is the Bank of Luxembourg, but the attacker will get the wrong password if you use PasswordMaker.<br />
<br />
=== I want to use the same password for more than one site. Is this possible? ===<br />
<br />
Yes! Let's suppose you want a Yahoo! account to use the same password as a gMail account. Go to the <i>Advanced Options</i> dialog and create a new account. Click on the <b>URLs</b> tab, and add a second pattern that will match the gMail login URL - in fact, you can add as many patterns as you want to match for this account, and they will all use the same password! The only caveat to this is, if they have different usernames, PasswordMaker won't be able to automatically populate the usernames for you, because you can only define one username per account - but if they all share the same username, PasswordMaker will populate everything automatically for you for all of them. That's it!<br />
<br />
=== Can PasswordMaker accommodate sites that force me to change passwords periodically? ===<br />
<br />
Yes! Go to the Advanced Options dialog and create a new account. In the <i>When URL Contains</i> field, type <b>mybank.com</b>. In the <i>Use the following text...</i> field, type <b>'mybank.com'</b>. In the <i>Modifier</i> field, type any text (such as a date or number) that you wish to change over time. For instance, you could type <b>September 2007</b>. When October comes and the bank expires your password, simply change the Counter to <b>October 2007</b>. You might instead choose to use an incrementing number. For example, <b>1</b> for this month, <b>2</b> for the next month, etc. Any text that you enter in the <i>Counter</i> field will vary the password.<br />
<br />
=== Why doesn't PasswordMaker fill in the username on a site? ===<br />
<br />
Each site can use a different label for identifying the username field, and not all can be found. Currently the best way to handle this is to use the ''Advanced Auto-Populate'' tab.<br />
<br />
=== Can I share my settings between multiple computers? ===<br />
<br />
PasswordMaker has "Export Settings" and "Import Settings" options, as well as the ability to upload/download your RDF file to/from an FTP site.<br />
<br />
Exporting the settings saves them to a file (with the option to include/exclude the master password in encrypted form), while importing settings takes a file and imports its contents as if you'd manually entered them. You can synchronize two or more PCs this way.<br />
<br />
There are plans to optionally save this file on an FTP site so you don't need to transport it across PCs, but you can always opt-out of this. In the meantime, you can store exported settings centrally somewhere yourself (like your web-based email account) to make it easy to import them from anywhere.<br />
<br />
=== How can I change PasswordMaker's shortcuts (ctrl-` and alt-`) to something else? ===<br />
<br />
Install the [http://mozilla.dorando.at/keyconfig.xpi KeyConfig Extension]. Scroll down to the PasswordMaker entry and change the shortcuts to anything you like. Changes won't take effect until you restart Firefox/Mozilla.<br />
<br />
=== How can I turn off the toolbar icons for Mozilla and Netscape? ===<br />
<br />
You can turn it off (and back on again) by creating the new boolean preferences browser.toolbars.showbutton.passwordmaker and browser.toolbars.showbutton.passwordmaker-key in about:config or user.js with the value of true or false. Make sure to restart all browsers after making the change.<br />
<br />
=== How do I uninstall PasswordMaker? ===<br />
<br />
If you're using Firefox, it's quite simple. Select Tools -> Extensions, select PasswordMaker and click the Uninstall button.<br />
<br />
If you're using Mozilla or Netscape, it's as simple as deleting two files and one directory:<br />
<br />
* If you installed PasswordMaker to a profile, locate that profile's directory (read this if you don't know how to find it). If you installed PasswordMaker to the browser directory, locate your Mozilla or Netscape installation directory (read [http://kb.mozillazine.org/Profile_folder this] if you don't know how to find it).If you don't know where you installed PasswordMaker, try to remember how you answered this prompt when installation began:<br />
[[Image:mozilla-install.jpg]]<br />
<br />
The rest of these directions refer to the path you've identified as path.<br />
<br />
* Delete the file /path/chrome.rdf. This file is automatically regenerated the next time you start Mozilla or Netscape.<br />
* Delete the file /path/chrome/passwdmaker.jar<br />
* Delete the directory /path/chrome/overlayinfo. This directory is automatically recreated the next time you start Mozilla or Netscape. If you restart and this directory hasn't been recreated, don't worry: it just means you don't have any other extensions, themes, or skins installed.<br />
<br />
== Desktop edition ==<br />
<br />
== Javascript edition ==<br />
<br />
== Yahoo! Widget edition ==<br />
<br />
== Command-line edition ==<br />
<br />
== PHP / Mobile edition ==<br />
<br />
== On-line edition ==</div>Eric H. Junghttps://passwordmaker.org/index.php?title=F.A.Q.&diff=1348F.A.Q.2009-04-25T20:18:02Z<p>Eric H. Jung: /* What if I forget my Master Password? */</p>
<hr />
<div>== General ==<br />
<br />
=== What browsers/platforms are supported? ===<br />
<br />
*The extension works with some of the most popular [http://en.wikipedia.org/wiki/Gecko_(layout_engine) Gecko] based web browsers, including: [http://www.mozilla.com/en-US/firefox/ Firefox], [http://www.mozilla.org/projects/seamonkey/ SeaMonkey], [http://www.mozilla.org/products/mozilla1.x/ Mozilla Suite], [http://www.flock.com/ Flock] and [http://browser.netscape.com/ Netscape].<br />
*There was a beta version of PasswordMaker for Internet Explorer 6 and 7, but it was never finished, and is [http://forums.passwordmaker.org/index.php/topic,884.0.html no longer maintained]. It is highly unlikely that there will be any further development on it, unless a sponsor steps forward. If you are interested in sponsoring the Internet Explorer version, please feel free to post a message on the [http://forums.passwordmaker.org/ user forums] and someone will get in touch with you to see if an arrangement can be made.<br />
*There is an [http://passwordmaker.org/passwordmaker.html online version] that works with all browsers (including Internet Explorer and Opera) on all platforms.<br />
*The desktop version is written in [http://trolltech.com QT/C++] and works on [http://www.windows.com Windows], [http://www.apple.com Mac], and Linux/Unix (Actually, any place that QT can be compiled on). The [http://forums.passwordmaker.org/index.php/topic,1376.msg1280429.html#msg1280429 J2ME version] will work on any Java-enabled mobile phone or PDA.<br />
<br />
=== If someone gets my master password, can't he determine all of my generated passwords? ===<br />
<br />
No. There are ten other variables he would need for each account. They are:<br />
* URL<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Probably the most interesting of these is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== Can someone "unscramble" my generated passwords to determine my master password? ===<br />
<br />
This is a common complaint heard about hashed-based password systems (for example, see page two of [http://passwordmaker.org/jhalderman.pdf A Convenient Method for Securely Managing Passwords]). The complaint simply doesn't hold water with PasswordMaker because PasswordMaker adds nine other variables not used in the traditional password=master+url formula. Those nine variables create an enormous search space which would take thousands of years to search, even using a distributed network of one million modern PCs. The nine variables are:<br />
* character set<br />
* which of nine hash algorithms was used<br />
* modifier (if any)<br />
* username (if any)<br />
* password length<br />
* password prefix (if any)<br />
* password suffix (if any)<br />
* which of nine l33t-speak levels was used<br />
* when l33t-speak was applied (if at all)<br />
Of course, the URLs of the sites must also be known since they are used in password calculation. Probably the most interesting of these variables is character set because it gives you the flexibility to determine precisely which characters can and can't be included in generated passwords.<br />
<br />
=== How do the account-settings and algorithm I choose work together to generate passwords? ===<br />
<br />
If you've selected a non-HMAC hash function (those without the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
password = mp + usingURL + username + modifier<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = hash(password, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
password = truncate(password, length)<br />
<br />
If you've selected an HMAC hash function (those with the HMAC prefix), passwords are generated using the following pseudocode:<br />
<br />
data = usingURL + username + modifier<br><br />
mp = leet(mp, leetlevel) [optional]<br><br />
data = leet(data, leetlevel) [optional]<br><br />
password = hmac_hash(mp, data, charset)<br><br />
password = leet(password, leetlevel) [optional]<br><br />
password = truncate(prefix + password, length-suffix_length) + suffix<br><br />
truncate(password, length)<br />
<br />
Where + is the concatenation operator. mp is the master password, usingURL is the value in "Using URL", and username, counter, prefix, and suffix are optional settings specified in the Account Settings dialog. For HMAC hash functions, mp is the secret key and data is the input text.<br />
<br />
=== Where is my master password stored? ===<br />
<br />
Nowhere, unless you choose the option Store Master Password on disk and in memory (encrypted). If you choose this option, your master password is stored using 256-bit strong encryption in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, [http://kb.mozillazine.org/Profile_folder look here]. For further protection you can instruct your operating system to encrypt passwordmaker.rdf. Instructions on how to do this with Windows XP/2000/NT are [http://support.microsoft.com/kb/307877/EN-US/ here]. Instructions for Mac OS/X Tiger are [http://www.apple.com/macosx/features/filevault/ here].<br />
<br />
=== Where are the generated passwords stored? ===<br />
<br />
Nowhere. The generated passwords are calculated on-the-fly as they are needed. The RAM used to store and calculate the generated passwords is proactively cleared to prevent passwords from being stored in a swap file/virtual memory/paging file.<br />
<br />
=== How do I know PasswordMaker isn't sending my passwords to you without my knowledge? ===<br />
<br />
Although you can read the source code to determine this for yourself, there's an easier way. Install a packet sniffer and use PasswordMaker to generate some passwords. You won't see any traffic to or from PasswordMaker -- ever. It never connects to the internet. Two popular packet sniffers are [http://www.snort.org/ snort] (for Unix/Linux/OSX) and [http://www.lazydogutilities.com/ipprev.htm ipInterceptor] (for Windows). Both tools reveal *all* network traffic, not just HTTP.<br />
<br />
Another way would be if you have a two-way firewall installed. PasswordMaker will never trigger an outbound connection notification from your firewall (although it may trigger an inter-application process notification, depending on the firewall in use).<br />
<br />
=== If I don't want to change all of my passwords, is PasswordMaker still a good choice? ===<br />
<br />
Yes. PasswordMaker provides a secure method for encrypted storage of a specific, user-provided password for a custom Account. This way you can take advantage of PasswordMaker's other features (such as form completion) while still choosing your own passwords.<br />
<br />
To set up a URL/site in this manner, simply go to the login page for the Account that you want to save the password for, create a new (or open the existing) Account for this URL/site, change to ''Advanced Options'' (if you are not already there), click the ''Advanced Auto-Populate'' tab, click '''<u>inside</u>''' the '''password''' field on the login page, click inside the ''Field Value'' field, enter your current password, then click the <i>Add></i> button (just above the list-box for fields), and last but not least, if desired, check ''Auto-populate username and password fields for sites that contain this URL''.<br />
<br />
=== Which hash algorithms are supported? ===<br />
<br />
* MD4<br />
* HMAC-MD4<br />
* MD5<br />
* MD5 (for PasswordMaker v 0.6)<br />
* HMAC-MD5<br />
* HMAC-MD5 (for PasswordMaker v 0.6)<br />
* SHA-1<br />
* HMAC-SHA-1<br />
* SHA-256<br />
* HMAC-SHA-256<br />
* HMAC-SHA-256 (for PasswordMaker v 1.5.1)<br />
* RIPEMD-160<br />
* HMAC-RIPEMD-160<br />
<br />
=== Which hash algorithm should I use? ===<br />
<br />
All of the algorithms are cryptographically strong, but of the algorithms PasswordMaker offers, many people regard SHA-256, HMAC-SHA1, HMAC-MD5 and HMAC-SHA-256 as the strongest.<br />
<br />
=== What about recent press concerning MD5 AND SHA-1 "cracks"? ===<br />
<br />
At Crypto 2004, Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu announced [http://eprint.iacr.org/2004/199.pdf they had found hash collisions] for MD4, MD5, RIPEMD, and HAVAL-128. SHA-1 hash collisions have also been announced. A [http://en.wikipedia.org/wiki/Hash_collision hash collision] means the researchers found two or more messages that yield the same hash with these algorithms. However, it's important to note that the one-way nature of these algorithms has not been undermined. In other words, in the context of PasswordMaker, [http://en.wikipedia.org/wiki/Hash_collision hash collisions] do not empower someone with the ability to derive your master password if they have your generated (hashed) passwords. The hash collision attacks have no relevance to PasswordMaker except there is very small chance someone could choose a different master password than yours which hashes to the same generated password. However, he would still need your username and the URL in order to hack your account.<br />
<br />
=== Do you provide technical support? ===<br />
<br />
Yes! Free technical support is provided on the [http://forums.passwordmaker.org/ user forums], with a response time often measured in minutes, but typically never more than 24 hours.<br />
<br />
=== Where can I find an explanation of each and every feature and function? ===<br />
<br />
Right here!<br />
<br />
=== Do you accept Feature Requests? ===<br />
<br />
Yes, absolutely! Feature requests from people who actually use PasswordMaker is one of the reasons PasswordMaker has a lot of the functionality it now has!<br />
<br />
Our [http://forums.passwordmaker.org user forums] are the best place to get support, and the [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Request List] is the place to make your desires known.<br />
<br />
Please read through all of the existing [http://forums.passwordmaker.org/index.php/topic,167.msg521113.html#msg521113 Feature Requests] before posting, because it is very possible that someone else has already done it for you. If so, then by all means post a request to add your vote to it, and any other Feature Requests that sound attractive to you.<br />
<br />
Each registered user gets 5 votes, so please feel free to stop by and add your votes now!<br />
<br />
=== How is PasswordMaker licensed? ===<br />
<br />
PasswordMaker is licensed under the [http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPL] Open Source License. The desktop edition (because of QT) is licensed under the [http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GPL] Open Source License.<br />
<br />
The full sources for PasswordMaker can be downloaded from [http://sourceforge.net/projects/passwordmaker here].<br />
<br />
=== What if my computer crashed, and I have to start over from scratch? ===<br />
<br />
Well, as long as you plan ahead and take a few simple precautions, this will not be a problem.<br />
<br />
A more involved discussion of this issue is discussed in this [[Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&Tricks#Super_Security_Tip|<b><u>Super <br />
Security Tip</u></b>]], but for this one single question, it boils down to just understanding how PasswordMaker works, and working out a simple system for how to use it that you can easily remember. In short:<br />
<br />
1. Figure out how you want to Group your accounts. It is recommended to keep your high-security accounts (e.g., financial) in a separate Group or Groups,<br />
<br />
2. Create a 'template' Account in each Group, that has the Settings configured the way you want for those Accounts, and 'Copy Account' to create a new Account in that Group with the correct settings already configured, and<br />
<br />
3. Modify the Defaults settings, and the settings your Group Template Accounts mentioned in #2 above, in such a way that would be difficult to guess how you had modified them, but easily reproducible by you if it became necessary.<br />
<br />
A little thoughtful planning will go a long way.<br />
<br />
=== What if I forget my Master Password? ===<br />
<br />
You're out of luck... so don't forget it.<br />
<br />
Seriously, since this password is not stored anywhere (unless you have told it to do so), there is nothing to recover. There is, however, one exception to this rule. If you have stored your Master Password on Disk, it is possible to discover it by doing the following:<br />
<br />
* open a web page to the following link:<br />
http://passwordmaker.org/decrypt.html<br />
* find/open your RDF file,<br />
* find the 'globalSettings' section,<br />
* one at a time, copy/paste the values from the two following lines:<br />
<br />
NS1:masterPassword="CopyWhateverIsHere"<br><br />
NS1:masterPasswordKey="AndHereToo"<br />
<br />
into the appropriate boxes on the page you opened, then click the 'Decrypt' button.<br />
<br />
The Master Password that is stored on disk will be revealed in the 'Decrypted Master Password' box.<br />
<br />
== Firefox / Gecko edition ==<br />
<br />
=== Where is account information and other settings stored? ===<br />
<br />
Everything is stored in %ProfileDirectory%/passwordmaker.rdf. If you don't know where your profile directory is, look [http://kb.mozillazine.org/Profile_folder here].<br />
<br />
=== How does PasswordMaker defeat keyloggers? ===<br />
<br />
Keyloggers work by tracing every key typed on the keyboard. With PasswordMaker, you never type anything but your master password (and if you choose <i>Store Master Password on disk and in memory (encrypted)</i>, you only type that <b>once</b>). The <b>real</b> passwords (generated ones) are never typed, so keyloggers never detect them!<br />
<br />
=== How does PasswordMaker defeat phishing attacks? ===<br />
<br />
Most phishing attacks occur when you navigate to a URL which appears to be that of a site that you trust, but actually is owned by an attacker. For example, you might navigate to http://www.bc1.lu/ instead of the Bank of Luxembourg's legitimate URL, http://www.bcl.lu/. The only difference between these two URLs is the lower-case letter <b>L</b> (used by the legitimate site) and the number <b>1</b> (used by the deceptive site). The attacker's intent is to get you to enter your username/password credentials on his deceptive site. He can then use those credentials on the legitimite site to do nefarious things.<br />
<br />
If you use PasswordMaker, you'll be safe and secure. This is because the password it generates is based on the URL to which you've navigated. The password generated at a deceptive site is completely different than the one generated at a legitimite site (because their URLs differ, even if by one character). You might still be fooled into thinking http://www.bc1.lu/ is the Bank of Luxembourg, but the attacker will get the wrong password if you use PasswordMaker.<br />
<br />
=== I want to use the same password for more than one site. Is this possible? ===<br />
<br />
Yes! Let's suppose you want a Yahoo! account to use the same password as a gMail account. Go to the <i>Advanced Options</i> dialog and create a new account. Click on the <b>URLs</b> tab, and add a second pattern that will match the gMail login URL - in fact, you can add as many patterns as you want to match for this account, and they will all use the same password! The only caveat to this is, if they have different usernames, PasswordMaker won't be able to automatically populate the usernames for you, because you can only define one username per account - but if they all share the same username, PasswordMaker will populate everything automatically for you for all of them. That's it!<br />
<br />
=== Can PasswordMaker accommodate sites that force me to change passwords periodically? ===<br />
<br />
Yes! Go to the Advanced Options dialog and create a new account. In the <i>When URL Contains</i> field, type <b>mybank.com</b>. In the <i>Use the following text...</i> field, type <b>'mybank.com'</b>. In the <i>Modifier</i> field, type any text (such as a date or number) that you wish to change over time. For instance, you could type <b>September 2007</b>. When October comes and the bank expires your password, simply change the Counter to <b>October 2007</b>. You might instead choose to use an incrementing number. For example, <b>1</b> for this month, <b>2</b> for the next month, etc. Any text that you enter in the <i>Counter</i> field will vary the password.<br />
<br />
=== Why doesn't PasswordMaker fill in the username on a site? ===<br />
<br />
Each site can use a different label for identifying the username field, and not all can be found. Currently the best way to handle this is to use the ''Advanced Auto-Populate'' tab.<br />
<br />
=== Can I share my settings between multiple computers? ===<br />
<br />
PasswordMaker has "Export Settings" and "Import Settings" options, as well as the ability to upload/download your RDF file to/from an FTP site.<br />
<br />
Exporting the settings saves them to a file (with the option to include/exclude the master password in encrypted form), while importing settings takes a file and imports its contents as if you'd manually entered them. You can synchronize two or more PCs this way.<br />
<br />
There are plans to optionally save this file on an FTP site so you don't need to transport it across PCs, but you can always opt-out of this. In the meantime, you can store exported settings centrally somewhere yourself (like your web-based email account) to make it easy to import them from anywhere.<br />
<br />
=== How can I change PasswordMaker's shortcuts (ctrl-` and alt-`) to something else? ===<br />
<br />
Install the [http://mozilla.dorando.at/keyconfig.xpi KeyConfig Extension]. Scroll down to the PasswordMaker entry and change the shortcuts to anything you like. Changes won't take effect until you restart Firefox/Mozilla.<br />
<br />
=== How can I turn off the toolbar icons for Mozilla and Netscape? ===<br />
<br />
You can turn it off (and back on again) by creating the new boolean preferences browser.toolbars.showbutton.passwordmaker and browser.toolbars.showbutton.passwordmaker-key in about:config or user.js with the value of true or false. Make sure to restart all browsers after making the change.<br />
<br />
=== How do I uninstall PasswordMaker? ===<br />
<br />
If you're using Firefox, it's quite simple. Select Tools -> Extensions, select PasswordMaker and click the Uninstall button.<br />
<br />
If you're using Mozilla or Netscape, it's as simple as deleting two files and one directory:<br />
<br />
* If you installed PasswordMaker to a profile, locate that profile's directory (read this if you don't know how to find it). If you installed PasswordMaker to the browser directory, locate your Mozilla or Netscape installation directory (read [http://kb.mozillazine.org/Profile_folder this] if you don't know how to find it).If you don't know where you installed PasswordMaker, try to remember how you answered this prompt when installation began:<br />
[[Image:mozilla-install.jpg]]<br />
<br />
The rest of these directions refer to the path you've identified as path.<br />
<br />
* Delete the file /path/chrome.rdf. This file is automatically regenerated the next time you start Mozilla or Netscape.<br />
* Delete the file /path/chrome/passwdmaker.jar<br />
* Delete the directory /path/chrome/overlayinfo. This directory is automatically recreated the next time you start Mozilla or Netscape. If you restart and this directory hasn't been recreated, don't worry: it just means you don't have any other extensions, themes, or skins installed.<br />
<br />
== Desktop edition ==<br />
<br />
== Javascript edition ==<br />
<br />
== Yahoo! Widget edition ==<br />
<br />
== Command-line edition ==<br />
<br />
== PHP / Mobile edition ==<br />
<br />
== On-line edition ==</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips&diff=1327Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips2009-02-16T19:18:03Z<p>Eric H. Jung: Reverted edits by 74.184.250.20 (Talk); changed back to last version by Tanstaafl</p>
<hr />
<div>==Tips==<br />
<br />
===Accounts: ''Defaults'' vs. ''Custom''===<br />
<br />
The ability to define ''Custom'' accounts is one of '''many''' things that sets PasswordMaker apart from any other password utility out there, but it can also be a source of confusion for people new to PasswordMaker, so it is necessary to understand the following:<br />
* it is not an ''either / or'' question - you can use '''both''' the ''Defaults'' account (hereinafter just plain old ''Defaults'') '''and''' ''Custom'' accounts at the same time<br />
* there are really only two good reasons to create a ''Custom'' account:<br />
**sites that require ''settings'' (''username'', allowed password characters, etc) that are different from the ones specified in your ''Defaults'' (in this case you '''must''' create a ''Custom'' account for this site to use PasswordMaker with it), and/or<br />
**sites that are of a sensitive nature, like, for example, banking/financial sites, Domain Registrar accounts, and Remote Control accounts like [http://www.logmein.com LogMeIn] or [http://www.gotomypc.com GoToMyPC]. There are others of course, but only you can answer the question of whether or not any given account is sensitive for '''you'''.<br />
<br />
In the first situation, it '''is''' necessary to create a ''Custom'' account - there is no other way to specify unique settings for any particular account. In the second situation, it is '''not''' ''necessary'' to create a ''Custom'' account, it is simply a ''personal preference''.<br />
<br />
You are encouraged to use the ''Defaults'' for all other sites that are of a non-sensitive nature.<br />
<br />
Don't misunderstand me. This does not mean that you '''shouldn't''' create ''Custom'' accounts for every single one of the sites you access - by all means, if you want to, then do so. The important thing to understand is that it isn't necessary to do so in order to use PasswordMaker.<br />
<br />
Allow me to elaborate on some ways that some site-specific requirement or limitation might create a situation where you would need to create a ''Custom'' account, and some tips that will help to minimize such situations.<br />
<br />
In the ''Defaults'' settings (on the ''Extended'' tab), you can specify a ''username'', which is not only used to log into the site - and which can also be automatically populated into the ''username'' field on the login page - but it is also one of the items used to generate your passwords.<br />
<br />
However, if one of your sites requires a different username from the one you specified in the ''Defaults'', then you would have to either manually change the ''username'' on the login page every time after PasswordMaker populates it (because PasswordMaker would have populated it with the one from the Defaults), or, create a ''Custom'' account for this site with the correct username. So, with this in mind:<br />
<br />
*'''tip:''' For non-sensitive sites for which you want to just use the ''Defaults'', pick something for a ''username'' that is almost certain to not be used by anyone else - something not a word, or a word that contains special characters in place of certain letters (example: 'mikemybirthyear' instead of just 'Mike') - this will make using the ''Defaults'' much easier and more convenient.<br />
<br />
Another example is that some sites impose special limitations/requirements with respect to the number of and/or types of characters that are allowed to be used for Passwords which differ from what you specified in your ''Defaults''. For these sites, you would have to define a Custom Account that reflects the different Settings needed to allow PasswordMaker to work properly with that site. So, with that in mind:<br />
<br />
*'''tip:''' Use only lowercase letters and numbers for the ''character set'' in your ''Defaults'', with a lower number of characters - say, 10. Since you are only using the ''Defaults'' for non-sensitive sites, this will still give you reasonably secure passwords for your non-sensitive sites, while allowing you to use the ''Defaults'' for most of them.<br />
<br />
Hopefully this explains the difference between the ''Defaults'' and ''Custom'' accounts/settings, and will help you to make an informed decision on when - or even if - to use the ''Defaults'', or to create a ''Custom'' account, for any given site.<br />
<br />
===Super Security Tip===<br />
<br />
The following is from [http://forums.passwordmaker.org/index.php/topic,1252 this thread] on the PasswordMaker forums - although it has minor edits for clarity and formatting purposes...<br />
<br />
<blockquote>'''What's the consensus here? Is it better to store on the hard drive or type it out each time? The thing that attracted me to this program in the first place is I did not like how other password programs stored lists of passwords on the hard drive.'''</blockquote><br />
This is a good question, but due to its nature, one that each person has to answer for themselves.<br />
<br />
The fundamental question is actually very simple - convenience vs. security...<br />
<br />
When you store the ''master password'' on disk (or in memory), it is stored encrypted - but, obviously, PasswordMaker must itself be able to decrypt the ''master password'' - and since PasswordMaker is open-source, that means the decryption code is right there for anyone to see, so it would not be difficult for a capable cracker to write some code to steal your ''master password'' if they were able to install their code on your computer.<br />
<br />
<blockquote>'''On the other hand, I have read some posts from people who claim that typing out the ''master password'' makes you vulnerable to keyloggers.. So I'm kind of confused.'''</blockquote><br />
Understandable, but there are acceptable options, even for those super paranoid folks like us!<br />
<br />
Yes, if your computer is compromised with a keylogger, the keylogger could grab your ''master password'' - but NOT your generated password(s), because they are not actually typed on your keyboard.<br />
<br />
There are different ways to deal with these issues, but to give you some ideas...<br />
<br />
One thing you can do - and I highly recommend that you do this, but give it some serious thought, and work out a system first - is to modify the ''Defaults'' settings, and the ''settings'' for any important ''Custom'' accounts (ie, important financial accounts) sites in such a way as it would be difficult to guess how you had modified them, but easily reproducible (by you) if it became necessary. To expand on this, if you find yourself with a need for a lot of ''Custom'' accounts, you could use a different account ''Group'' for each ''type'' of account (which is what I do) - e.g., one for unimportant accounts (like online forums, etc), and one for financial accounts - and create unique settings for each ''Group'', instead of for each ''Account''.<br />
<br />
Another way to add another layer of security is to develop a simple yet not easily guessable pattern of adding/replacing characters in your ''generated passwords'' that is stored in one place that [http://en.wikipedia.org/wiki/Black_hat black hats/crackers] haven't figured out how to access yet - your head. For example, you could add a certain character (for example, the '$'), in the 3rd position of every generated password. So, when PasswordMaker populates your password field, you'd have to place your mouse in the field, move the cursor to the 3rd position, and manually enter the '$' character.<br />
<br />
Of course, this is also subject to being detected by keyloggers, but you can confound them yet again by inserting the cursor directly where you need it to go with the mouse - but we are getting a tad ridiculous now... ;)<br />
<br />
The fact is, the only truly secure computer is one that is not plugged into an electrical outlet. If your computer is compromised by a keylogger, then you have more serious problems you need to deal with.<br />
<br />
<blockquote>'''I guess I'd ask the developers of this program... what do you do? Type it out or store it on the hard drive?'''</blockquote><br />
Although I'm not one of the developers, personally, I don't store mine at all, I use a different ''master password'' for each account ''Group''. I sat down and worked out a system that I was comfortable with on how to categorize them, and it has worked well for me.<br />
<br />
<blockquote>'''One other dumb question... the [http://wiki.passwordmaker.org/index.php/FAQ#What_if_I_forget_my_Master_Password.3F FAQ] makes it clear... lose your password? Yes, you're screwed... wouldn't that also be the case if you somehow lose your settings?'''</blockquote><br />
Yep - which means don't lose them. Suggestions for recovering from a situation where you do lose them, in preferred (most secure) order:<br />
<br />
* modify the settings, but in such a way that you could reproduce the modifications from memory, and/or<br />
* write down the modifications you make, and put this information a safe place<br />
* don't modify the settings from the Defaults<br />
* and, of course - '''always''' keep good backups of your RDF file<br />
<br />
If you are truly paranoid, your head is the safest place (as long as you don't talk in your sleep and your wife/partner doesn't work for the [http://www.nsa.gov NSA] or the [http://www.irs.gov IRS] or ...), and/or maybe in your Safety Deposit Box at your bank - although this information would be available to law enforcement if they were looking for it. This is actually not a bad idea, for one reason: if you have secret stuff that your loved ones may need access to if something happens to you. This is actually something that has concerned me. My system is such that I can re-create these with ease from memory, but if something happened to me, no one would be able to get into my accounts. Now, I'm sorry to say, I don't have millions stashed away in a secret Panamanian bank, but seriously, if I was using PasswordMaker to protect access to anything of substance, I would do something like this so that my wife could get access to everything.<br />
<br />
===Multiple Master Passwords How-to===<br />
<br />
Add tip here<br />
<br />
===Convert Saved FireFox Passwords===<br />
<br />
Thanks to Tyrantmizar for this [http://forums.passwordmaker.org/index.php/topic,395.msg733752.html#msg733752 excellent tip]...<br />
<br />
Using the following steps, you can (relatively) easily change the passwords for sites that you have saved in FireFox's Password Manager to ones generated by PasswordMaker..<br />
<br />
#Go to the site that you want to change the password for<br />
#Log in using Firefox's built in password manager<br />
#Go to change your password<br />
#I'm not sure, but I think Firefox will automatically put in your old password into the forms. Usually, there are three fields: 1 for your current password, and 2 for your New Password (the second is simply for confirmation purposes). If firefox doesn't automatically put something in, you're going to have to type it in manually.<br />
#Make sure the ''New Password'' fields are empty<br />
#Open PasswordMaker - if you need to create a specific Account for this site, do so now<br />
#Click the ''Global Settings'' tab<br />
#Make sure that ''When Alt` Shortcut is pressed'' is set to ''populate empty fields only''<br />
#Go back to your Browser ''change your password'' page and press ''Alt`'' - your PasswordMaker password should automatically be put into the 2 ''New Password'' fields<br />
#Test the new password by logging out and back in using PasswordMaker<br />
#Delete the saved password from Firefox's Password Manager.<br />
#Repeat steps 1-11 for each site you want to change the password for<br />
<br />
If you are going to be changing many passwords in a single session, and you don't want to have to re-enter your Master Password over and over, just set it to ''store in memory'' or ''store to disk''.<br />
<br />
===Multiple Logins, same Domain, different Sub-directory===<br />
<br />
This tip is courtesy of Romeo as discussed [http://forums.passwordmaker.org/index.php/topic,501.msg809510.html#msg809510 here] in the forums.<br />
<br />
Some websites have different login subdirectories for different login types - for example:<br />
<br />
* www.example.com/normaluser/ and www.example.com/superuser/ (replace with real world example site)<br />
<br />
For sites like this, you can simply create a separate account for each one and specify the entire text of the URL, including the subdirectory portion (ie, /normaluser/) in the URL pattern. This will avoid your having to pick the right account when populating the login information.</div>Eric H. Junghttps://passwordmaker.org/index.php?title=Tutorials&diff=1306Tutorials2008-08-23T01:16:50Z<p>Eric H. Jung: Reverted edits by 121.97.212.184 (Talk); changed back to last version by Tanstaafl</p>
<hr />
<div>__FORCETOC__<br />
==Getting Started==</div>Eric H. Jung