Tuesday, May 10, 2005
Password generator for a simple Single Sign-on solution
Per my previous rant about how yucky passwords are, here is something that shows how to have a unique password for every site/service that you have signed up for without remembering it like Shakuntala Devi or writing it down on a post-it under your keyboard.
The concept is simple, but brilliant and effective. You create a personal master password. I recommend creating it with all the standard tricks ~ alphanumeric, minimum length 10 chars and includes a special character or two. This password is then mashed up with the name of the site that you are visiting to create a unique MD5 hash that can be used as a password for that site. Now each time the hashed up key would be different, giving you the ability to create a unique password for each site without having to remember it.
A password generator Greasemonkey script simplifies life even further. Greasemonkey is a Firefox extension which lets you to add bits of DHTML ("user scripts") to any web page to change its behavior. Check out Jon Udell's 2.75 minute screencast demonstrating how easy it is to use this concept. You just have to remember a single personal master password giving you a kind of Single Sign-on effect.
This solution works best in Firefox with Greasemonkey installed, though it is not needed (check Nic's website below). It even works with IE and Safari.
Resources:
Nick Wolff's Password generator
Johannes la Poutré's Password composer
Jon Udell's entry talking about the single sign-on solution
The concept is simple, but brilliant and effective. You create a personal master password. I recommend creating it with all the standard tricks ~ alphanumeric, minimum length 10 chars and includes a special character or two. This password is then mashed up with the name of the site that you are visiting to create a unique MD5 hash that can be used as a password for that site. Now each time the hashed up key would be different, giving you the ability to create a unique password for each site without having to remember it.
A password generator Greasemonkey script simplifies life even further. Greasemonkey is a Firefox extension which lets you to add bits of DHTML ("user scripts") to any web page to change its behavior. Check out Jon Udell's 2.75 minute screencast demonstrating how easy it is to use this concept. You just have to remember a single personal master password giving you a kind of Single Sign-on effect.
This solution works best in Firefox with Greasemonkey installed, though it is not needed (check Nic's website below). It even works with IE and Safari.
Resources:
Nick Wolff's Password generator
Johannes la Poutré's Password composer
Jon Udell's entry talking about the single sign-on solution
Copyright Anand Jain 2004, 2005. All rights
reserved.
Webmaster
