Computer Security World

Do you use the same password across different websites? Do you know if you do so your passwords may be stolen by the website you signed up with. So, is there a solution? The best solution of course is to use a different password at at each website you signed up with. But for most mere mortals that is not a practical option. I will tell you what I do. I use a password generator that generates a unique password for me at each website I sign up with. The password generator takes a secret pass phrase that I enter and the website's unique URL and cryptographically mixes it to generate a unique password for the website. It basically uses a cryptographic hash function to make sure that even if somebody gets access to one of your passwords, your secret passphrase cannot be guessed. To learn more about why that works, see here

To be even more secure I actually have two pass phrases. I use one pass phrase to generate passwords for all the websites that are related to banking or finance and other for normal websites like Google etc this password generator is actually just a bookmark and is compatible with all browsers. Here is a link to the password generator.

Note that when you visit the link you will find that there is also a mobile version of the password generator which is useful when you are working on a machine that is not your own. This mobile version can be used to generate passwords from a web page form. You can copy and run this mobile password generator on your own website.