|File Search||Catalog||Content Search|
Hashing is triggered by prefixing the password with '@@' or by using the shortcut key 'F2'. The password field in focus is replaced by the hash value. Should the site be compromised, the attacker can now only see the hash of the password, not the password itself.
PwdHash does not encrypt passwords, but it makes brute-force attacks much less effective. It also means phishing sites can only steal a hash that's specific to the spoof page and useless on the site being imitated.
pwdhash (1.7-13) unstable; urgency=low * Bump Standards-Version to 3.9.3 (no changes required). * Update machine-readable copyright Format to 1.0. * Bump maxVersion to * to support all Iceweasel/Firefox versions. -- Benjamin Drung <firstname.lastname@example.org> Wed, 28 Mar 2012 13:50:41 +0200 pwdhash (1.7-12) unstable; urgency=low * Bump maxVersion to 10.* to support Iceweasel/Firefox 10. (Clos more»
Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: PwdHash Upstream-Contact: Collin Jackson <email@example.com> Source: http://crypto.stanford.edu/PwdHash/ Files: * Copyright: 2005-2008, Stanford University License: BSD Files: chrome/content/md5.js Copyright: 1999-2002, Paul Johnston License: BSD Files: debian/* Copyright: 2009, Francois Marier <franc more»