
One-Time Pa(d)sswords

Remember that time when I talked about how you should never recycle passwords? Yeah, I know, I don’t stop telling you that. And most of you don’t stop recycling passwords either! And no, recycling passwords is not helpful to the fight against climate change. Who told you that? It is, however, very harmful to your privacy!

And I can’t say it often enough that current systems may be enough for now but you must never be complacent because you must never underestimate the laziness and stupidity of people like those at Sony. I know it’s difficult but it’s all just a matter of habit and one day you’ll be thankful for it. (Or you’d wish you listened to me. Then I can say, ‘I told you so’.)

Anyway, I found a web application that may just be useful to your laziness. It’s pretty much like the One Time Pad encryption. And lucky you, all you need is just one master password! Okay, so I don’t know what it’s called. But who cares? You get to be lazy and stay secure. Yay! I think it’s called “hash” but I like to refer to it as “The OTP Thing”.

This may just be the solution to password recycling and your key management problems! Try it: the url is 'http://wordpress.com' and the password is 'password' and you'll get the same hash. And for the love of god, don't use 'password' as your own master password!

So how does the OTP thing work? It takes a domain name and a master password and returns a hash. The password is generated on your computer using JavaScript, so nothing is sent over the network. You can then use the hash, or part of the hash, as your password. There is also a bookmarklet available which automatically detects password fields and fills them in for you.
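Here is a sketch of that domain-plus-master-password derivation for Node.js. It is an added example, not the tool's own code: the post does not say which hash the tool uses, so PBKDF2-HMAC-SHA256, the iteration count, the `site:` salt prefix and the names `siteKey` and `sitePassword` are all assumptions. A slow key-derivation function is chosen so that one leaked site password does not make guessing the master password cheap.

```javascript
// Added example, not the tool's code. Algorithm and parameters are assumptions.
const { pbkdf2Sync } = require('crypto');

const ITERATIONS = 200000; // assumed work factor: slows guessing of the master password
const KEY_BYTES = 32;      // 32 bytes -> 43 base64url characters

// Reduce a URL or bare host name to a lower-case host so that
// 'http://wordpress.com' and 'https://www.WordPress.com/wp-login.php' agree.
// Other subdomains are kept, so login.example.com differs from example.com.
function siteKey(input) {
  const text = String(input).trim();
  if (text === '') throw new Error('site is empty');
  const url = new URL(text.includes('://') ? text : 'https://' + text);
  return url.hostname.toLowerCase().replace(/^www\./, '');
}

// Derive the per-site password. The host is the salt, so one master
// password yields unrelated values for different sites.
function sitePassword(masterPassword, site, length = 20) {
  if (typeof masterPassword !== 'string' || masterPassword === '') {
    throw new Error('master password is required');
  }
  if (!Number.isInteger(length) || length < 8 || length > 43) {
    throw new Error('length must be an integer from 8 to 43');
  }
  const derived = pbkdf2Sync(masterPassword, 'site:' + siteKey(site),
                             ITERATIONS, KEY_BYTES, 'sha256');
  // base64url gives 6 unbiased bits per character; a prefix is "part of the hash".
  return derived.toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '')
    .slice(0, length);
}

// Constructed demo input: the URL and master password used in the post.
console.log(sitePassword('password', 'http://wordpress.com'));
```

Because the exact host name feeds the derivation, a look-alike host such as `wordpress.com.evil.example` gets a different password than `wordpress.com`, but only if the host is read from the page's URL rather than typed in by hand.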

The OTP Thing or Hash isn’t 100% bulletproof as there are still other ways you may be attacked like phishing and keyloggers, but at least it’s better than recycling passwords!


About princess of antiquity

Abbi Cabanding is a member of the Security Bloggers Network and has been blogging on information security since 2006. She is also a member of the Association for Computing Machinery. She studied Computer Science and Fine Arts at the University of the Philippines - Diliman.


Original content in this work is licensed under a Creative Commons License.