Jan 08 2008

Secure Passwords with PwdHash

Tag: security, software

Scott Wegner @ 8:21 pm

Using secure passwords is often overlooked by users because of the hassle involved with it. Generally, secure passwords need to include numbers, upper and lower case, and possibly even punctuation marks. Also, they should be reasonably long, and contain no dictionary words.

These stipulations make these passwords very hard to memorize. Also, it’s generally a good idea to have a unique password for every website or service, which makes things even harder.

There are many solutions that exist to create and help remember strong passwords. Some recommend creating some sort of acronym for something that you’ll remember and inserting numbers and punctuation. This helps, but it’s still tedious to remember lots of these. Also, there are password managers that will create pseudo-random passwords and remember them. This is another step, but requires that you have access to your password manager wherever you are.

Another solution, which I am fond of, is called PwdHash. Started as a research project at Stanford, it basically creates a strong password that is an MD5 hash of your unique “master password” and the domain name of the site you’re creating a password for. The result is a strong, unique password for each website that is reproducible only with both parts: master password and domain. The convenience is that you only ever need to remember one strong “master password,” and the same hash can be regenerated every time.
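The idea described above, as an added example: this is not PwdHash's own code and it will not reproduce the passwords PwdHash generates. The HMAC construction, the 20-character layout, and the names `site_password`, `char_classes` and `PUNCT` are assumptions of this example; the master password and domains are constructed sample values.

```python
import base64
import hmac
import string

PUNCT = "!#$%&*+-=?@"  # constructed set of punctuation characters


def site_password(master: str, domain: str, digestmod: str = "md5") -> str:
    """Return a reproducible 20-character password for (master, domain)."""
    realm = domain.strip().lower().rstrip(".")  # "Example.COM." == "example.com"
    if not master or not realm:
        raise ValueError("both a master password and a domain are required")
    # Assumption: a keyed hash (HMAC) with the master password as the key
    # and the domain as the message. MD5 is the hash the post names.
    mac = hmac.new(master.encode("utf-8"), realm.encode("utf-8"), digestmod).digest()
    # 12 digest bytes encode to exactly 16 base64 characters, no '=' padding.
    body = base64.urlsafe_b64encode(mac[:12]).decode("ascii")
    # Four more digest bytes pick one character per class, so every result
    # contains lower case, upper case, a digit and punctuation.
    head = (
        string.ascii_lowercase[mac[12] % 26]
        + string.ascii_uppercase[mac[13] % 26]
        + string.digits[mac[14] % 10]
        + PUNCT[mac[15] % len(PUNCT)]
    )
    return head + body


def char_classes(password: str) -> set:
    """Name the character classes present in a password."""
    tests = {"lower": str.islower, "upper": str.isupper, "digit": str.isdigit}
    found = {name for name, fn in tests.items() if any(fn(c) for c in password)}
    if any(c in string.punctuation for c in password):
        found.add("punct")
    return found


if __name__ == "__main__":
    master = "correct horse battery staple"  # constructed sample master password
    for site in ("example.com", "Example.COM", "example.org"):
        print(f"{site:12} {site_password(master, site)}")
```

The first two lines of output match because the domain is normalised before hashing; the third differs because the domain is part of the input.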

What really sells PwdHash is that it has also been implemented as a Firefox extension. Once installed, you can press F2 in any password field, enter your master password, and then PwdHash will replace it with your generated strong password. Works wherever Firefox does.

To cover those instances where the Firefox extension isn’t available (on a public computer, in Internet Explorer, or in a standalone application), there is still a way to retrieve your passwords. Navigate to pwdhash.com, enter the domain and your master password and press Generate. Simple as that.

In summary, PwdHash is a good way to start using strong passwords. You only need to ever remember one password, and strong passwords are generated uniquely for each domain you visit. It is very well integrated in Firefox, and also available in situations where the extension isn’t an option.