C
Chrissy Cruiser
Hey, that's a great idea, Mel. Thanks. I like the program but needed 20+
passphrase length.
Ok, how many buttons this time?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Hey, that's a great idea, Mel. Thanks. I like the program but needed 20+
passphrase length.
Ok, how many buttons this time?
M
Mel
Ok, how many buttons this time?
As always: The choice is yours!
This thread hasn't ended yet:
The Problem
===========
If you're like most people, you have a few passwords that you use over
and over again on many different websites. You know this isn't secure,
yet you do it anyway. Why? Because it's difficult to remember a unique
password for each and every web site that requires one.
Existing Solutions
==================
Maybe you do use unique passwords, and get around the problem of
remembering them by storing them in a spreadsheet or other file. Maybe
you even use one of the many password managers that are available. But
now you've centralized your passwords and access to them becomes
difficult while at work, a friend's, or a public internet terminal. You
can't get to your passwords without carrying them around or publishing
them on the internet. Some people even carry a USB keychain with their
passwords wherever they go. How inconvenient. And publishing them on the
internet? Yikes! We need not even mention the security risks inherent
with that solution. Even if you trust the company storing the passwords,
you can be sure every hacker in the world is drooling over the prospect
of accessing their database.
Our Solution
============
PasswordMaker solves all of these issues. It is a small, lightweight,
free, open-source extension for Firefox and Mozilla which creates
unique, secure passwords that are very easy to retrieve. Nothing is
stored anywhere, anytime, so there's nothing to be hacked, lost, or
stolen.
How It Works
============
You provide PasswordMaker two pieces of information: a "master password"
- that one, single password you like - and the URL of the website
requiring a password. Through the magic of one-way hash algorithms,
PasswordMaker calculates a message digest, also known as a digital
fingerprint, which can be used as your password for the website.
Although hash functions have a number of interesting characteristics,
the one capitalized by PasswordMaker is that the resulting fingerprint
(password) does "not reveal anything about the input that was used to
generate it". In other words, if someone has one or more of your
PasswordMaker-generated passwords, it is computationally infeasible for
him to derive your master password or to calculate your other passwords.
What About Portability?
=======================
For times when you simply must use non-Firefox browsers or can't install
Firefox extensions, there's an on-line version which mimicks the
extension and works in all browsers new and old. No downloads or
installations required. WML (for WAP mobile phones) and J2ME versions
(for Java-enabled phones or PIMs) are coming shortly.
http://passwordmaker.mozdev.org/index.html
Extension For Firefox and Mozilla
http://passwordmaker.mozdev.org/installation.html
Online Version:
http://passwordmaker.mozdev.org/passwordmaker.html
Downloadable Version:
http://passwordmaker.mozdev.org/passwordmaker-online.zip
M
Mel
Chrissy,
It looks like the maximum password length generated from user supplied
data ((3 items)-MasterPassword, URL, UserName) is 64 using the SHA-256
CRC, so if you have the need that's the one to use.
md4 (password length=32)
9bb4800c357fcefd44ea1f540e02e480
HMAC-md4 (password length=32)
002d57bc98d7e274714ea5c0740cc6a1
md5 (password length=32)
80d1e3f8d0ba56a3e0857be87c9decf6
HMAC-md5 (password length=32)
ea1c94cb04be919001ee9d8ec0a1288b
SHA-1 (password length=40)
548e8c9b6cfd9be4a74d9f8c8b6f5d24315805f0
SHA-256 (password length=64)
1206cdcea3229628fee8b5da45c32035346cd6a40b0a7d5647c4eb29f20cfab3
RIPEMD-160 (password length=40)
3811e28335d5a71b18498987a947f9ff704a4991
FYI: passwordmaker creates the same md5 as the method I quoted earlier
(when the same data is used in both cases), so if you want the longer
password using the method I quoted earlier you'll need to find an md5
that uses SHA-256.
It looks like the maximum password length generated from user supplied
data ((3 items)-MasterPassword, URL, UserName) is 64 using the SHA-256
CRC, so if you have the need that's the one to use.
md4 (password length=32)
9bb4800c357fcefd44ea1f540e02e480
HMAC-md4 (password length=32)
002d57bc98d7e274714ea5c0740cc6a1
md5 (password length=32)
80d1e3f8d0ba56a3e0857be87c9decf6
HMAC-md5 (password length=32)
ea1c94cb04be919001ee9d8ec0a1288b
SHA-1 (password length=40)
548e8c9b6cfd9be4a74d9f8c8b6f5d24315805f0
SHA-256 (password length=64)
1206cdcea3229628fee8b5da45c32035346cd6a40b0a7d5647c4eb29f20cfab3
RIPEMD-160 (password length=40)
3811e28335d5a71b18498987a947f9ff704a4991
FYI: passwordmaker creates the same md5 as the method I quoted earlier
(when the same data is used in both cases), so if you want the longer
password using the method I quoted earlier you'll need to find an md5
that uses SHA-256.
C
Chrissy Cruiser
Chrissy,
It looks like the maximum password length generated from user supplied
data ((3 items)-MasterPassword, URL, UserName) is 64 using the SHA-256
CRC, so if you have the need that's the one to use.
md4 (password length=32)
9bb4800c357fcefd44ea1f540e02e480
HMAC-md4 (password length=32)
002d57bc98d7e274714ea5c0740cc6a1
md5 (password length=32)
80d1e3f8d0ba56a3e0857be87c9decf6
HMAC-md5 (password length=32)
ea1c94cb04be919001ee9d8ec0a1288b
SHA-1 (password length=40)
548e8c9b6cfd9be4a74d9f8c8b6f5d24315805f0
SHA-256 (password length=64)
1206cdcea3229628fee8b5da45c32035346cd6a40b0a7d5647c4eb29f20cfab3
RIPEMD-160 (password length=40)
3811e28335d5a71b18498987a947f9ff704a4991
FYI: passwordmaker creates the same md5 as the method I quoted earlier
(when the same data is used in both cases), so if you want the longer
password using the method I quoted earlier you'll need to find an md5
that uses SHA-256.
Cool, Mel, again, thanks so much.
M
Mel
If you want a longer password than 256-bits (64 characters) then youChrissy,
could opt for a program that supports SHA-512, which will give you a
512-bit password (128 characters).
HASH, CRC, AND HMAC CALCULATOR
A fast and easy-to-use calculator that allows to compute message
digests, checksums and HMACs for files, as well as for text and hex
strings. It offers a choice of 13 of the most popular hash and checksum
algorithms for calculations.
Major Features:
- Support of 12 well-known and documented hash and checksum algorithms:
MD2, MD4, MD5, SHA-1, SHA-2 (256, 384, 512), RIPEMD-160, PANAMA,
TIGER, ADLER32, CRC32.
- Support of a custom hash algorithm (MD4-based) used in eDonkey and
eMule applications.
- Support of 2 modes of calculations: HASH/CHECKSUM and HMAC.
- Support of 3 input data formats: files, text strings and hex strings.
- Works with large size files. (Tested on file sizes up to 15 GB).
- Drag-and-drop support.
- Quick and simple installation.
- Calculates hash/checksum and HMAC for files of any type: music, audio,
sound, video, image, icon, text, compression, etc..
http://www.slavasoft.com/hashcalc/
Hash Calculator gave me the following results using the same format as
previous examples.
MD5 (password length=32)
80d1e3f8d0ba56a3e0857be87c9decf6
MD4 (password length=32)
9bb4800c357fcefd44ea1f540e02e480
SHA1 (password length=40)
548e8c9b6cfd9be4a74d9f8c8b6f5d24315805f0
SHA256 (password length=64)
1206cdcea3229628fee8b5da45c32035346cd6a40b0a7d5647c4eb29f20cfab3
SHA384 (password length=96)
c367f42e78ba351a572ba83bc8435887ec6d39c73be1b910ae1f46ed8b2ab40ed42181b57d6b8ea7ea7bf298985929d2
SHA512 (password length=128)
8aff781457da32580c96d874303381a9881f515eb4f4215041b58434cd3565e1e14ea44a70f43c5c0f61cfd5df2f28e5a4784278f54e54dda9db43f41000c5bd
RIPEMD160 (password length=40)
3811e28335d5a71b18498987a947f9ff704a4991
PANAMA (password length=64)
e98b95715b8f66510b1d670cd2645d3664066d1212a8d21a3f13b79e0da6600e
TIGER (password length=48)
6e86afc160f6ce1bf500b4859983eeecfe453f99bb406d07
MD2 (password length=32)
b401cbcf9ab32ba3ae4cf757d123f94d
ADLER32 (password length=8)
d04d0ce0
CRC32 (password length=8)
35691e74
eDonkey/eMule (password length=32)
9bb4800c357fcefd44ea1f540e02e480
PS: How does the Firefox Plugin PasswordMaker look so far? Does it have
a good look and feel?
C
Chrissy Cruiser
If you want a longer password than 256-bits (64 characters) then you
could opt for a program that supports SHA-512, which will give you a
512-bit password (128 characters).
HASH, CRC, AND HMAC CALCULATOR
A fast and easy-to-use calculator that allows to compute message
digests, checksums and HMACs for files, as well as for text and hex
strings. It offers a choice of 13 of the most popular hash and checksum
algorithms for calculations.
Major Features:
- Support of 12 well-known and documented hash and checksum algorithms:
MD2, MD4, MD5, SHA-1, SHA-2 (256, 384, 512), RIPEMD-160, PANAMA,
TIGER, ADLER32, CRC32.
- Support of a custom hash algorithm (MD4-based) used in eDonkey and
eMule applications.
- Support of 2 modes of calculations: HASH/CHECKSUM and HMAC.
- Support of 3 input data formats: files, text strings and hex strings.
- Works with large size files. (Tested on file sizes up to 15 GB).
- Drag-and-drop support.
- Quick and simple installation.
- Calculates hash/checksum and HMAC for files of any type: music, audio,
sound, video, image, icon, text, compression, etc..
http://www.slavasoft.com/hashcalc/
Hash Calculator gave me the following results using the same format as
previous examples.
MD5 (password length=32)
80d1e3f8d0ba56a3e0857be87c9decf6
MD4 (password length=32)
9bb4800c357fcefd44ea1f540e02e480
SHA1 (password length=40)
548e8c9b6cfd9be4a74d9f8c8b6f5d24315805f0
SHA256 (password length=64)
1206cdcea3229628fee8b5da45c32035346cd6a40b0a7d5647c4eb29f20cfab3
SHA384 (password length=96)
c367f42e78ba351a572ba83bc8435887ec6d39c73be1b910ae1f46ed8b2ab40ed42181b57d6b8ea7ea7bf298985929d2
SHA512 (password length=128)
8aff781457da32580c96d874303381a9881f515eb4f4215041b58434cd3565e1e14ea44a70f43c5c0f61cfd5df2f28e5a4784278f54e54dda9db43f41000c5bd
Yow?
RIPEMD160 (password length=40)
3811e28335d5a71b18498987a947f9ff704a4991
PANAMA (password length=64)
e98b95715b8f66510b1d670cd2645d3664066d1212a8d21a3f13b79e0da6600e
TIGER (password length=48)
6e86afc160f6ce1bf500b4859983eeecfe453f99bb406d07
MD2 (password length=32)
b401cbcf9ab32ba3ae4cf757d123f94d
ADLER32 (password length=8)
d04d0ce0
CRC32 (password length=8)
35691e74
eDonkey/eMule (password length=32)
9bb4800c357fcefd44ea1f540e02e480
PS: How does the Firefox Plugin PasswordMaker look so far? Does it have
a good look and feel?
It does, I have only used it twice but am going to screw around with it
over the weekend.