Hacker News new | ask | show | jobs
by purephase 4855 days ago
I think the most common is you have a single password, but you hash it with the name of the service you're logging into.

For example, if you're password is "puppy" and you're signing-up for HN, your password would be:

pHuApCpKy

And, if you wanted to make it stronger, salt it with some special characters.

p~Hu!Ap@Cp#Ky$

... which is just the shift-characters on a number row in order.

This way, you only have to remember one password, and it is service specific, and pretty strong. No password manager needed.

Of course, I don't do this. I use a 1Password and KeepassX.
1 comments
GhotiFish 4854 days ago
I like the idea of hashing off a root word + site. I'd rather have the browser do it for me though, and I don't think there's anything on the page itself that I could depend on to hash with. Maybe the domain?

To be honest, firefox has an encrypted database of site-passwords. What's wrong with that?

link
icebraining 4854 days ago
I have a system like that, that takes a master and the domain. The advantages over the Firefox password manager is availability and not having to worry about backups. Since I know the algorithm, I can recreate any password using widely available tools.
link
tlrobinson 4854 days ago
http://cynix.org/tools/superpwdhash

http://supergenpass.com/

https://www.pwdhash.com/

link