A while ago, I wrote about taming the password flood. My suggestion for low-value passwords was to simply keep a standard one that you use on all those sites that shouldn’t require a password.
As all things security, this is a trade-off. You trade security for more convenience. The loss of security in this case is that a single compromised server will yield your password for all low-security sites. Wouldn’t it be great if we could have a different password per server, yet still only remember a single one?
Thankfully, the Internet – as usual – has provided the solution. Or, more correctly, Nic Wolff has given us a password bookmarklet. (If you’ve got better things to do than keep up with the newest web terms: A bookmarklet is a bookmark that contains Javascript and, instead of just sending you to a site, does something else. In our case, generate a password)
What does it do? It takes the current sites host name and a password you provide. Those two are then combined (with MD5, for the technically inclined) into a password for that specific site. That password is then automatically written to all password fields on that page.
How do I use it? First, drag the bookmarklet onto the bookmark list or the button bar of your browser. Here’s the bookmarklet: Generate Password.
Or, if you want something even more comfortable, use Chris Zarate’s password bookmarklet builder. It has a couple of improvements over Nic’s, it allows you to build a browser-specific version, and you can actually burn your master password into the bookmarklet. (Just make sure you don’t forward it to your friends!)
Then, whenever you need a password, just click on the bookmarklet. It will prompt you for your master password and generate the site specific password.
Now, a compromised site will only lose you that site’s password. And since MD5 is a “one-way function”, the hackers who compromised that site won’t be able to deduce your master password from this.
Remember: If it’s really important data, use a separate password. This is for low-risk applications like your local newspaper or your favorite bulletin board.