Finally a secure, humane solution to the password problem

I finally got scared enough about my password situation that I took action. And I feel so much better. Like many of you, I used the same password on many many web sites. Even admin accounts on my Drupal clients' sites and my admin account on drupal.org. I always used a different password for my financial accounts, but thats not good enough. Sharing passwords across service providers is a really bad idea because ...

I received notice from two of my service providers that they were hacked and don't know if my pasword was stolen or not. One recommended that I cancel my credit card. Those vendors are wush.net and dreamhost.com. Ugh. So I was faced with the prospect of changing my password everywhere or just praying. I'm not religious, so praying was out. I changed all my passwords, and used a different password on each site. But I still only have to remember one password. The magic is in a bookmarklet provided by SuperGenPass. Now when I have to provide a password to a web site, I just click the bookmark and it fills in my password. The bookmarklet uses the site's domain and my master password and a hefty dose of md5 scrambling to generate a site specific password.

The skeptical engineers out there will quickly ask - "what about when you are away from your PC - you can't login anywhere". Well, this is an easily solved problem. I put up a web page on my own site which will tell me my password based on the domain I am logging into. I just put my master password and ebay.com (for example) into the form and it spits back my password. Then I copy and paste into the login form at ebay.com and I am in. So traveling is no problem at all.

This system added no hassle, and much more security. I highly recommend it.