Pwdhash – Add-on password encryption
Phishing is a form of online crime that leads Internet users to websites controlled by fraudulent gangs. These websites are very sophisticatedly designed, they look no different from legitimate sites that they imitate.
With such a website, users are often required to provide sensitive personal information such as passwords, security card numbers, bank account numbers, social security card numbers or credit cards. This trick of information is usually done under the pretense of upgrading account information.
PwdHash is a project developed at Stanford University . This is an extension (add-on) for web browsers such as Firefox or IE that allow users to simply enter a unique password, which will automatically generate different passwords for other websites. together. The algorithm to generate passwords is a one-way hash function, so even if an attacker can obtain a password that has been converted by PwdHash, he cannot retrieve the user’s original password. .
The nice thing about PwdHash is that even though users are tricked into phishing websites created by phishing, and provide password information to them, the password is also encrypted by PwdHash into another form corresponding only to that fake website. only Therefore, they cannot use this encrypted password to access the user’s account at the real website, because the original password on the real website has been encrypted into another form, corresponding only to the real website. never mind.