Everyone knows by now that you should use a unique password for every web site that requires one, and that those passwords should be tough to guess. But managing all of those passwords is tough, and it gets tougher if you’re a roaming web worker who might need account access from anywhere, across a variety of operating systems and browsers. PasswordMaker offers a unique way to solve this problem, by letting you remember a single password and generating all of the others for you.
PasswordMaker takes advantage of the power of a one-way algorithm to do this: a mathematical formula that always yields the same output when presented with the same input, but which is prohibitively hard to run in reverse. In the case of PasswordMaker, the inputs are your master password (a single strong password that, hopefully, you won’t write down anywhere) and the URL of the site you’re visiting (or any other text you choose). Given these inputs, PasswordMaker will generate the same password every time – and then it can copy it to the clipboard or auto-populate a login form for you.The big attraction of PasswordMaker is that you’re not tied to a database of passwords stored on a single computer (or, worse, on the web somewhere). If you’re at a new computer, just install the software, remember your master password, and all of your other passwords are right there for you, waiting to be regenerated on demand.
Even better, the basic algorithm of PasswordMaker (which is open source, a good thing if you want to verify that the software isn’t doing anything nefarious with the information that you enter) has been ported to a variety of environments. You can use it as a Firefox addin (I tested in Firefox 3, and it works fine), an Opera widget, a Windows desktop or command-line application, a Yahoo! widget, mobile and web editions, or a Mac widget. This makes passwords much more portable than any competing solution that I know.
PasswordMaker isn’t perfect for everyone. It lacks the advanced identity-management features of an application like 1Password. But for the web worker who wants to move to strong passwords, it’s an excellent choice.