This is Christophe-Marie Duquesne's Typepad Profile.
Join Typepad and start following Christophe-Marie Duquesne's activity
Join Now!
Already a member? Sign In
Christophe-Marie Duquesne
Recent Activity
There is a solution to this, user side. You can _easily_ use a different password for each site, without the need to remember them, without storing them. Really. The idea is to hash+salt your password on the client side, on the fly (with a deterministic salt that depends on the site you visit). Instead of entering a password directly in the password field, you can install a bookmarklet/extension that takes you password, processes it through the salt+hash and fills the password input for you. This way you don't have to trust every webmaster of every sites you visit, since you send them a different password for a different url. A few extensions/bookmarklets implement this (but don't use the bookmarklets, it is not really secure): - password hasher - hash a pass - supergenpass
Toggle Commented Dec 14, 2010 on The Dirty Truth About Web Passwords at Coding Horror
Christophe-Marie Duquesne is now following The Typepad Team
Dec 14, 2010