Tag: website password

Password hashing to stop the phish

A couple of faculty members from Stanford University have developed a new tool in the war against phishing that could become very sticky. Instead of sending passwords input into web pages across the net in plain sight, John Mitchell and Dan Boneh have developed a hashing methodology which scrambles the passwords in line with the valid website address for which it is intended.

The process has purportedly been implemented on several popular web browsers, although I don’t know which. And while the program, entitled simply PwdHash, requires the user to re-enter passwords for all their valid site acccounts and use some special characters ahead of the password each time they enter it thereafter, this seems like a pretty straightforward approach to protecting everyday folk.