It's a browser extension for Chrome and for Firefox that seamlessly hashes the concatenation of your master password and the domain name of the site you're logging into. This produces a different password for each site, and requires you to remember only your master password.
The extensions were created by Blake Ross (big name in the firefox community), as well as Collin Jackson and Dan Boneh who are highly regarded security experts at Stanford.
Also, if you're interested, I've created a command line utility for Mac OS X that exposes the same functionality:
https://github.com/ali01/pwdhash.py
The most commonly used hashers are pwdhash, supergenpass and magicpassword. Given that they all use hashing algorithms, none of them will result in a password using special characters, which is not optimal.
Actually, that's not true. Look at the encoding section of the PwdHash USENIX paper. PwdHash returns an ASCII representation (not a hex or base64 encoded string) of the hashed domain name + master password. PwdHash also applies a number of constraints to the returned hash to ensure that the special characters that it does use are legal at most websites.
A typical PwdHash password, with domain name google.com and master password "LetMeIn+123456?" looks like this:
Optimal? No. More than sufficient? Yes. You can use all numbers in your password, so long as it's long enough (and the website actually uses all of them).
I use a hashing bookmarklet myself. Only, I wish there was a better algorithm and I think it's wise, at least with an audience like HN, to point the weaknesses of those system. See for instance : http://stackoverflow.com/questions/554224/is-the-bookmarklet...
http://pwdhash.com
It's a browser extension for Chrome and for Firefox that seamlessly hashes the concatenation of your master password and the domain name of the site you're logging into. This produces a different password for each site, and requires you to remember only your master password.
The extensions were created by Blake Ross (big name in the firefox community), as well as Collin Jackson and Dan Boneh who are highly regarded security experts at Stanford.
Also, if you're interested, I've created a command line utility for Mac OS X that exposes the same functionality: https://github.com/ali01/pwdhash.py