Comments on: Secure Passwords with PwdHash http://www.automaticable.com/2008-01-08/secure-passwords-with-pwdhash/ adjective: of or pertaining to things that should work but go awry Wed, 14 Sep 2011 19:38:41 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Introducing: Pwdhash Sharp 0.8.4! | automaticable http://www.automaticable.com/2008-01-08/secure-passwords-with-pwdhash/comment-page-1/#comment-499 Introducing: Pwdhash Sharp 0.8.4! | automaticable Thu, 03 Jul 2008 22:50:52 +0000 http://www.automaticable.com/2008/01/08/secure-passwords-with-pwdhash/#comment-499 [...] desktop implementation of the PwdHash password-generator, written for Ubuntu.   We’ve written about PwdHash before, but if you’re not familiar: PwdHash automatically replaces the contents of [site address and [...] [...] desktop implementation of the PwdHash password-generator, written for Ubuntu.   We’ve written about PwdHash before, but if you’re not familiar: PwdHash automatically replaces the contents of [site address and [...]

]]> By: PwdHash now Firefox 3 Compatible | automaticable http://www.automaticable.com/2008-01-08/secure-passwords-with-pwdhash/comment-page-1/#comment-449 PwdHash now Firefox 3 Compatible | automaticable Mon, 16 Jun 2008 16:45:18 +0000 http://www.automaticable.com/2008/01/08/secure-passwords-with-pwdhash/#comment-449 [...] you have secure, domain-specific passwords generated by PwdHash? Well, the handy Firefox extension just got an update that brings support for the latest Firefox [...] [...] you have secure, domain-specific passwords generated by PwdHash? Well, the handy Firefox extension just got an update that brings support for the latest Firefox [...]

]]> By: Scott Wegner http://www.automaticable.com/2008-01-08/secure-passwords-with-pwdhash/comment-page-1/#comment-9 Scott Wegner Wed, 09 Jan 2008 01:20:00 +0000 http://www.automaticable.com/2008/01/08/secure-passwords-with-pwdhash/#comment-9 You raise a good point, but I wouldn't worry too much about it for the following reasons:<br/>-- The primary use is through a Firefox extension. That means that it'll be around as long as Firefox is. Right now it's listed as compatible through Firefox 2.0, but I'm sure upgrading the extension would be pretty easy.<br/>-- The other use is through their website, which uses a simple form and some javascript; there's nothing going on server-side. This means that you could easily save the files associated with the webpage and run it locally. You could probably easily write a Greasemonkey script.<br/>-- Finally, everything has been released as open source. With the following that it has, I think somebody would probably pick it up if the software needed updating.<br/><br/>But, with the "doomsdayish" outlook, it's also worth noting that you could backup each password inside a password manager such as open-source KeePass. If anything happened, you would still have access to your stored passwords. You raise a good point, but I wouldn’t worry too much about it for the following reasons:
– The primary use is through a Firefox extension. That means that it’ll be around as long as Firefox is. Right now it’s listed as compatible through Firefox 2.0, but I’m sure upgrading the extension would be pretty easy.
– The other use is through their website, which uses a simple form and some javascript; there’s nothing going on server-side. This means that you could easily save the files associated with the webpage and run it locally. You could probably easily write a Greasemonkey script.
– Finally, everything has been released as open source. With the following that it has, I think somebody would probably pick it up if the software needed updating.

But, with the “doomsdayish” outlook, it’s also worth noting that you could backup each password inside a password manager such as open-source KeePass. If anything happened, you would still have access to your stored passwords.

]]> By: Kyle W http://www.automaticable.com/2008-01-08/secure-passwords-with-pwdhash/comment-page-1/#comment-8 Kyle W Tue, 08 Jan 2008 23:53:00 +0000 http://www.automaticable.com/2008/01/08/secure-passwords-with-pwdhash/#comment-8 One question about this service. It seems pretty good at keeping your password secure, but that also makes you completely reliant on it. Is there some kind of contingency set up by PwdHash or something the user can do to plan if (and, inevitably, when) the service goes down temporarily or permanently? Not to be too doomsdayish with this kind of thing, but if a service like this lost support a few months/years down the road, it seems like it would put you in quite the pickle trying to get all of your passwords reset on all of these sites since you don't really know what the password is for each.<br/><br/>Thoughts? One question about this service. It seems pretty good at keeping your password secure, but that also makes you completely reliant on it. Is there some kind of contingency set up by PwdHash or something the user can do to plan if (and, inevitably, when) the service goes down temporarily or permanently? Not to be too doomsdayish with this kind of thing, but if a service like this lost support a few months/years down the road, it seems like it would put you in quite the pickle trying to get all of your passwords reset on all of these sites since you don’t really know what the password is for each.

Thoughts?

]]>