as everybody knows that Twitter was hacked, password is very important for yourself.
Here, I got an good idea to solve this.
- enter the same password for all website
- on submit, web browser automatically hash the password with the hostname(xxx.domain.com)
- send the hashed value to server without original password
- originally same password but different password for each website
Isn’t it good? I know it’s not enough because it’s not difficult to expect the original password from 2 or more hashed value. Setting for hash algorithm. domain name(www.domain.com), host name(xxx.domain.com), with protcol(https://xxx.domain.comwww.domain.com), host name(xxx.domain.com), with protcol(https://xxx.domain.com) or additional value(any value).
anybody make a firefox extension to realize this?