Hashed 1.1.1 is available on iTunes. It contains a minor bug fix for iOS 5 support with the bookmarklet.
12 Oct 2011 at 22:24
11 Sep 2011 at 22:34
Update via Safari’s extensions preferences or download.
- Support for an alternate master password.
- New keybindings: ⌘’ for primary and ⌘; for secondary. Previous keybinding ⌘\ still works (as primary).
- Use alt/option (⌥) with new keybindings to suppress auto-fill and instead use click-to-fill.
Please report any bugs on GitHub.
04 Aug 2011 at 01:56
You can get version 0.3 now which has two improvements:
- can be updated via Safari’s Extension preferences
- adds a keyboard shortcut ⌘\ (same keyboard shortcut as 1Password)
Important: I changed the bundle identifier which means this new version will install a second copy of Hashed. You will need to remove the 0.1 version and enter you master password in the new version.
25 Jul 2011 at 20:10
I created a Safari extension which I am just calling Hashed for Safari (zip). At this point it seems to work fine but has a major limitation that it is not at all easy to use multiple secret passwords. I don’t know how many PwdHash users use multiple secret passwords but I know it affects me so I’ll be hoping to improve that in a future release.
The source is available on GitHub if you want to improve it. Keep in mind though that any changes need to keep the secret password secure from the site you are on. You can also create issues if you come across any bugs or wish to make a feature request
14 May 2011 at 13:49
07 May 2011 at 14:42
Storing your passwords anywhere is dangerous whether that be in a database (1Password), in the cloud (LastPass), or using an algorithm (PwdHash). In all three cases an attacker needs only compromise your master password and he would have access to all your passwords. In the discussion of LastPass’s (possible) security breach this would be what many people have been calling a “single point of failure”. While it is valid concern it it would be far worse to return to weak and frequently used passwords. Realistically all of these tools create a net gain in your security.
They enhance your security by making it far easier to use strong passwords. A reasonably long password that is not based on a dictionary word or other commonly used phrase will be near impossible for an attacker to crack. PwdHash’s algorithm always generates a password that contains at least one lower case letter, at least one one upper case letter, and at least one number. They are not based on any word and are always two characters longer than your master password.
Another way password utilities can enhance your security is that they make it easier to use different passwords for different sites. This is very important because you don’t want someone else’s security problems to cause your too-frequently-used password to be exposed. If you’ve used a separate password for every site then a breach in one is mitigated to only that site. One major caveat here is your email server because so much can be accomplished if someone has access to your email.
Security is always a compromise and you have to make that choice for yourself. Just try to be informed so that you understand what compromise you are making. Personally, I’ll continue using PwdHash and while I may seemed biased having written Hashed my opinion really is based on what I think works well for me.
06 May 2011 at 23:41
01 Apr 2011 at 00:03
- Fixes PwdHash compatibility bug for some passwords which were missing capital letters according to the PwdHash algorithm.
- Extends support to iOS 4.0 (previously 4.2).
27 Mar 2011 at 20:30
A bug was found in the 1.0 version of Hashed which would cause it to generate a different password than PwdHash.com in a small number of cases. The code has been fixed and the update submitted to the App Store. Until 1.0.1 you should be cautious when creating new passwords.
Please report any discrepancies you discover as compatibility with PwdHash is our highest priority.
23 Mar 2011 at 23:28
If you use the same password everywhere then all it takes is one mistake and all your accounts can become vulnerable. For most people security is a compromise between safety and convenience. You know you shouldn’t use the same password over and over but its just so hard to remember many passwords. That is exactly why you should use PwdHash; it lets you remember one password to easily create “random” passwords based on your secret password and a website’s address. And since it uses the website’s address it also helps protect you from phishing attacks.
And of course if you have an iOS device you’ll want Hashed to generate your PwdHash passwords without having to load webpages and wait on your network connection more than you have to.