hashapass |
...when ‘fluffy’ is not enough |
| Home · About · FAQ · Widget · Contact |
Hashapass can be used for deriving passwords from a master password and a parameter. Unlike random password generators, with this form you don't need to write down the generated passwords, so long as you remember the master password and the parameters.
| Example | Master password | Parameters | Generated passwords | |
| Web accounts | You have many web accounts; you do not wish your passwords to be too simple, but you also don't want to have to remember many passwords. Keep your master password secret and use the website name as a variant to generate a password for that website. | abcd1234 |
yahoo hotmail bank |
mALLiLOZ KoipEnh8 eZhMfYGo |
| IT administration | You are an IT manager dealing with a large number of computers. You want to set up a different BIOS/root/VNC password for each of them but want to avoid to have to store a database of passwords. | ITSharedSecret |
machineID1 machineID2 machineID3 |
JbLETo3Q elEEh1nh 3/hckpx4 |
Hashapass uses JavaScript computation, which is portable across many web browsers and is generally executed locally. The parameter, master password and variant passwords are thus not transmitted on the network, at least not through this page.
The generated password is computed as the first 8 characters of the Base-64 encoding of HMAC-SHA1(master password, parameter).
This form uses the following implementation of HMAC-SHA1:
* A JavaScript implementation of the Secure Hash Algorithm, SHA-1, as defined * in FIPS PUB 180-1 * Version 2.1 Copyright Paul Johnston 2000 - 2002. * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet * Distributed under the BSD License * See http://pajhome.org.uk/crypt/md5 for details.
| powered by vi ~ ~ |