Conceptually Secure Generator Rated 5 out of 5 stars

A security problem with Firefox's password manager is that its kept locally, albeit secured, together with a username and its URL. Thus, the file can be copied, the encrypted files extracted, and because no limits can be imposed on examining a file, brute force decryption methods can be made indefinitely until a master password is found, such as with the freeware program, FireMaster. As more financial institutions go online, the benefit for the work involved makes it increasingly more lucrative for a professional hacker, and the losses great for a user. A simple way to insure best security is to generate an NSA or NIST quality password that is never stored, but used as needed, and that some way can be made to easily remember such as password.

This app does such a thing reliably, including using variables to increasingly confound the password, while still maintaining ease in remembering a password. The program is very flexible and covers many possible ways to use a master password, username and password combination, but with a price, its requires one to read the manual in detail to understand what is being done and what the many fields, and options, that are available in this app.

For a simple general use, this app has a basic mode, which uses a strong cipher generator. But many older websites limit the total characters for a password, or only take alphanumerics, or a limited number of symbols, and few allow the full unicode set including international characters. Thus, the basic mode can generate unsupported passwords for a particular site. If one customized websites as needed, the user has to remember specific customizations for each websites unless its exported in a configuration file that is then uploaded to a 'secret' location to be used on other computers elsewhere.

Luckily, I've found a way to use this app with limited customization that's easy to rmember.

Users should know that many password generator apps do not generate passwords that would not meet standards set by NIST document SP800-63V1_0_2.pdf or reduce their security by storing important local variables with FireFox. Many apps also do not specify which hash algorithm was used to create their passwords, and thus, its not pedigreed by the quality of documentation and analysis given such algorithm. One also cannot be sure if a truly secure hash was implemented properly, or that a backdoor has been built into the application somewhere.

So far, PasswordMaker passes my muster and appears to be one of the most secure methods for making quality passwords. It suffers a tad from its rich but very tech laden, user interface that could use a little more cosmetics to appeal to general users. Its fine for me.

This review is for a previous version of the add-on (1.7.3). 

Rated 5 out of 5 stars

PasswordMaker is usually the first add on I install when I set up a new browser. I'm so rapt by the way it provides easy high security authentication that I insist my wife and mother use it.

I wouldn't be without it!

This review is for a previous version of the add-on (1.7.3). 

The Most Invaluable Extension!!! Rated 5 out of 5 stars

This is an absolute must for me. I have like 50+ internet accounts, all with secure passwords. All I have to do is remember one master password. There are other password tools and generators that are perhaps more popular, but NONE so powerful as this one.

The level of control over password generation is unparalleled, bar none! And yet, it's so easy to use. You can create groups, and within those groups, you can have accounts -- each with specific parameters regarding that particular password. You can specify pretty much every aspect of the password: the length, the character set, whether to auto-populate, any modifiers to hash in, l33t level, l33t usage before and/or after password generation, any prefixes and/or suffixes, username, and hash method. I mean, what more could ask? If you don't want that level of control over each password, you can specify global settings and have at it.

Once the password is generated, it will show you the relative strength of the generated password (and this, my friends, is key). You can also specify auto-complete fields. Other password extensions don't do any of that.

TIPS I have found helpful:
1. hold ALT and press the ` key (left of the number 1) -- this activates the CoolKey and fills in all password fields

2. changing the character set order, can change the password

3. you can export your settings -- in case your computer dies, or you have more than one computer, or more than one OS

4. because you can create accounts, I use it for non-net accounts

This is really the most sophisticated password extension available. There are many features I haven't even touched. This extension is for net novices AND net know-it-alls alike.

This review is for a previous version of the add-on (1.7.2). 

Rated 5 out of 5 stars

Simply awesome. The best solution for passwords when combined with Firefox's password remembering feature. BTW be sure to use a master password for Firefox.

This review is for a previous version of the add-on (1.7.2). 

Not good in shared environments Rated 2 out of 5 stars

The p/w generator works well, but don't use the 'prefix' field to memorize external passwords that you can't generate, i.e. are shared with others, since this field is displayed in plain text without having to enter the master p/w. There's no way to synchronize passwords for multiple users.

This review is for a previous version of the add-on (1.7.2). 

Rated 5 out of 5 stars

Very nice. Useful and customizable. My precious!

This review is for a previous version of the add-on (1.7.2). 

Rated 1 out of 5 stars

Video on site is misleading, hate that crap. After I took the time to learn this plug in, I realized that it only auto fills the password, not the user name. This hardly saves me time, compared to other plug ins. Love the security of it, IS IT POSSIBLE TO AUTOFILL THE USER NAME???

This review is for a previous version of the add-on (1.7.2). 

roboform kills this good extension Rated 5 out of 5 stars

roboform kills this good extension. please contact them and stop it. i am always re installing after a roboform install.

This review is for a previous version of the add-on (1.7.2). 

Rated 5 out of 5 stars

After looking at 1Password for Safari where the author wants $40 for a similar add-on, I really appreciate this one for Firefox. Good show!

This review is for a previous version of the add-on (1.7.2). 

Rated 5 out of 5 stars

Beautiful solution - to do away with remembering multiple user name + pwd combinations ... for every site that you visit in the WWW

This review is for a previous version of the add-on (1.7.2). 

Rated 5 out of 5 stars

Great add-on, works perfectly, easy to use, does exactly what I want.

This review is for a previous version of the add-on (1.7.2). 

Most useful productivity tool Rated 5 out of 5 stars

This is the best add-on I have been using for last several months. If anyone finds problems with the user interface, here is my Quick Start list:

1. Install the Add-On and restart FF
2. Choose Add-On options in the notification window OR press (Ctrl + `) combo for the options.
3. Enter your Master Password and set the store option. I recommend 'In Memory'.
4. In the 'Advanced Options', change the defaults account settings - specially the Username and Characters (A..Za..z1..9 will cover most of the sites that do not require special characters).
5. If you are using different usernames, set up the accounts AFTER you browse to those sites...
6. Spend few minutes reading the Tips and Tricks at http://www.passwordmaker.org/Firefox/Mozilla/SeaMonkey/Flock/Netscape/Tips%26Tricks

This is a great idea and good product.

This review is for a previous version of the add-on (1.7.2). 

Terrible interface Rated 2 out of 5 stars

I'm a professional programmer, but I just can't figure out how to use this thing. It's got one of the worst interfaces I've ever seen. I wanted it so that I could have more than one password one one domain. I think it can do that, but I can't say for sure. I gave up after about 45 minutes of complete confusion.

I was unable to figure out how to make it do anything useful at all. The people who said, "It took me a while to learn it" weren't kidding.

This review is for a previous version of the add-on (1.7.2). 

Rated 4 out of 5 stars


i met the same problem, "wrong hash file"

This review is for a previous version of the add-on (1.7.2). 

Rated 4 out of 5 stars


i met the same problem, "wrong hash file"

This review is for a previous version of the add-on (1.7.2). 

can't install Rated 5 out of 5 stars

the download link is broken, "can't install because of wrong hash file"

This review is for a previous version of the add-on (1.7.2). 

Rated 4 out of 5 stars

This is a great ext, but would like to see a few features from Password Haser! Such as the # and * next to the password field that allows the easy of cliking to generate password or hide/unhide password

This review is for a previous version of the add-on (1.7.2). 

Rated 5 out of 5 stars

Took a little bit of getting used to but now don't know how I ever did without it. I feel totally lost without it on public machines. Yes there's the website but need to remember more than just the password unless you always use the same variables

This review is for a previous version of the add-on (1.7.2). 

I use this extention for more than 3 years Rated 5 out of 5 stars

And for so far, I remember just one password ! Really excellent and useful module (I install on almost each PC I work on). Clue : The online version (on sf.net) does not use the same "default" parameters than the Module version, so write the config down (MD5/8char length password I think).

This review is for a previous version of the add-on (1.7.2). 

Rated 2 out of 5 stars

Sorry, just far too complicated! It's probably as said in the help: once you "get" it you can't live without it but I'm just not prepared to study a whole manual in order to be able to use just one add-on. Good idea, though, and after some tweaks to usability I'll surely reconsider.

This review is for a previous version of the add-on (1.7.2).