Why should I use it?

The idea behind Passwordo is two improve two aspects of password security. The first is to allow you to avoid having to share the same password with several different web sites. The second is to improve the strength of the passwords that you use, by generating complex passwords from a combination of several, easier to remember credentials.

Password reuse

If you use the same password for your online banking, commercial retail sites as you do for less reputable or smaller websites, you are taking a big risk. Smaller or less reputable websites may not encrypt your password in their systems securely or may be more vulnerable to being hacked. If criminals steal your password from one website they might reuse it to get access to your email, Paypal, Facebook and so on.

Passwordo allows you to use a different password on every website. Therefore, if one website is compromised, your accounts with other websites will remain safe.

Password strength

Simple passwords that are easy to guess are not very secure. However, complicated passwords are not practical because they are hard to remember. People can usually make the effort to remember one complicated password. However, human nature being what it is, when forced to remember several different complex passwords for different websites, many people resort to writing them down on a post it note stuck to their monitor or on a piece of paper in their wallet. This is also not very secure!

Passwordo offers a better solution to this by allowing you to remember just one secret password. You type this into Passwordo along with the website name and these two pieces of information are scrambled together in a cryptographically secure way to produce a new password that you use with each different website or application.

What if Passwordo is hacked?

Passwordo is not a password management system. Passwordo does even see your passwords, let alone record or store your passwords. This is a very important point. Passwordo uses an industry standard cryptographic tool to combine the two credentials (your master password and the site name) together to produce a new password for a website, in a way that is very, very hard to reverse.

This technique is called hashing and the algorithm used is called SHA-256, that was developed by the American government (NSA). Furthermore, this 'hashing' is done entirely in javascript in your browser, running on your own computer. Your master password never transmitted out across the Internet where it could be intercepted or hijacked.