Fwd: confirm 9a85e83e9531356d37cfd8581573d167b99c16f8
Brad Anderson
eco at gnuk.net
Fri Apr 11 13:41:56 PDT 2014
On Friday, 11 April 2014 at 20:27:34 UTC, Graham Fawcett wrote:
> On Friday, 11 April 2014 at 16:42:30 UTC, Walter Bright wrote:
>> On 4/11/2014 5:18 AM, Steven Schveighoffer wrote:
>>> If, after the last year of hacking, and the heartbleed bug,
>>> people are not using
>>> password tracker/generators, you haven't learned anything :)
>>
>> But those pw managers are a single point of failure. One
>> mistake and you've compromised or lost everything. If your
>> machine it is installed on is stolen, you've lost all your
>> passwords. Etc.
>
> For less critical passwords, I use a JavaScript bookmarklet
> with the code below. It's mostly an MD5 implementation. It
> takes the base URL of the current page, concatenates a salt,
> and then MD5-hashes the result. Then it pops up a dialog box
> containing the hash, and that's my password for that site.
>
> It doesn't work on crappy sites with silly restrictions (so
> many numbers, no more than X characters -- that last one
> especially makes my blood boil, because you *know* they aren't
> properly hashing your password), but most modern sites accept
> it just fine.
A couple years ago I tried to use http://supergenpass.com/ (which
works similarly) but there were just too many sites whose
restrictions made it not work. Good concept though.
More information about the Digitalmars-d
mailing list