Experiment in Password Masking
HashMask is an attempt to find a more secure middle ground between clear and masked passwords. It does this by visualizing a hashed representation of the password as a sparkline with color – the intent being that the user would become familiar with this image and be able to easily confirm that they typed the right (or wrong) password.
How does it work?
HashMask is a jQuery plugin that will produce a unique and non reversible visualization of a users password. The hope being that they would be able to confirm that they entered their password correctly, but no one else would. It also degrades gracefully so that users without javascript or a poor browser (IE6) will just see a password field.
Technically speaking, it uses a subset of the sha1 hash of the password as the seed for the sparkline’s shape and color. It should be relatively safe from reverse engineering as a result. There is the potential to estimate a possible range of characters of the first section of the hash, but overall this should be a extremely low risk.
Can I use it?
HashMask is still alpha-level software, but it should be relatively safe to use on an experimental basis if you are interested. It should work on Firefox 3, Safari 4 and IE6+. It’s available here, as well as on google code.
You might also like
Tags
accordion accordion menu animation navigation animation navigation menu carousel checkbox inputs css3 css3 menu css3 navigation date picker dialog drag drop drop down menu drop down navigation menu elastic navigation form form validation gallery glide navigation horizontal navigation menu hover effect image gallery image hover image lightbox image scroller image slideshow multi-level navigation menus rating select dependent select list slide image slider menu stylish form table tabs text effect text scroller tooltips tree menu vertical navigation menu