Got an idea of secure password management on web

as everybody knows that Twitter was hacked, password is very important for yourself.

Here, I got an good idea to solve this.

  1. enter the same password for all website
  2. on submit, web browser automatically hash the password with the hostname(xxx.domain.com)
  3. send the hashed value to server without original password
  4. originally same password but different password for each website

Isn’t it good? I know it’s not enough because it’s not difficult to expect the original password from 2 or more hashed value. Setting for hash algorithm. domain name(www.domain.com), host name(xxx.domain.com), with protcol(https://xxx.domain.comwww.domain.com), host name(xxx.domain.com), with protcol(https://xxx.domain.com) or additional value(any value).

anybody make a firefox extension to realize this?

 

shiva