let it work under ff 3.5 Rated 5 out of 5 stars

1. download the installer from http://crypto.stanford.edu/PwdHash/#download with rightclick "save target as" on your desktop. 2. change the extension from xpi to zip. confirm the warning 3. open with winzip or winrar 4. open the the folder install.rdf with wordpad and search for: em:maxVersion>3.0.*>> evrything works. excuse my bad english. greetings from thee deep west south of germany tinytimmi

This review is for a previous version of the add-on (1.5). 

let it work under ff 3.5 Rated 5 out of 5 stars

1. download the installer from http://crypto.stanford.edu/PwdHash/#download with rightclick "save target as" on your desktop.

2. change the extension from xpi to zip. confirm the warning

3. open with winzip or winrar

4. open the the folder install.rdf with wordpad and search for:3.0.*

5. change from 3.0. to eg 3.6 and save it.

6. delete complete folder "META-INF" in the zip folder.

7. Close the zip archive

8. rename the zip archive back to xpi. confirm the warning.

9. open the xpi via ff, or doubleclick and>>> evrything works.

excuse my bad english. greetings from thee deep west south of germany
tinytimmi

This review is for a previous version of the add-on (1.5). 

Rated 5 out of 5 stars

Version 1.5 of PwdHash is outdated. There's a newer version 1.6 on http://crypto.stanford.edu/PwdHash/#download but unfortunately it's still not made for Firefox 3.5...

This review is for a previous version of the add-on (1.5). 

Rated 5 out of 5 stars

This is the best addon for anyone who wants to keep their passwords safe online.

Hopefully a Firefox 3.5 version will be released soon, because I really can't live without it!

This review is for a previous version of the add-on (1.5). 

Rated 5 out of 5 stars

A addon i almost can't live without.

This review is for a previous version of the add-on (1.5). 

Rated 5 out of 5 stars

Great plugin, saves you from remembering hundreds of pwds or using the same on every site. I'm using it for many months now, highly recommended!

This review is for a previous version of the add-on (1.5). 

New Hash Please! Rated 5 out of 5 stars

I've used this add-on for a year now and love it's usefulness, however MD5 is a weak hash. Any chnace that will change to SHA-1 or MD-6 ? :D

The PWDHash site also uses an MD5 hash to sign the cert. btw...

This review is for a previous version of the add-on (1.5). 

Songbird Compatibility Rated 5 out of 5 stars

For those who are using Songbird as your media player of choice, I have ported PwdHash to Songbird. It is a naive port with just enough changes to get it to install. There will be bugs but basic functionality is there. Let's hope the authors update PwdHash to provide full compatibility.

http://addons.songbirdnest.com/addon/1488

This review is for a previous version of the add-on (1.5). 

Rated 5 out of 5 stars

If you don't want your passwords to be visible at the content providers site this addon is for you.

Easy, simple, works good.

This review is for a previous version of the add-on (1.5). 

Simple and works Rated 4 out of 5 stars

I've been using this plugin since 2007 - and it works perfectly.

I normally use the enter masterpassword +F2 function as the password visually gets 2 char longer

For a full review see http://edgecrafting.blogspot.com/2007/08/pwdhash-one-password-to-rule-them-all.html

Tip for Beta users;

bypass the security check by adding the preference extensions.checkUpdateSecurity and setting it to false (though not recommended for casual users).

type about:config in the address bar and press Enter
1. Right-click -> New -> Boolean
2. Name: extensions.checkUpdateSecurity
3. Value: false '

Restart browser and install plugin

This review is for a previous version of the add-on (1.5). 

Rated 2 out of 5 stars

It looks like a great tool but copy-paste function does not work (i.e. for gmail.com)

This review is for a previous version of the add-on (1.5). 

Great add-on Rated 5 out of 5 stars

This is generally very simple and great add-on but it lacks the feature of form filling because i have to F2 every time i have to acknowledge the new password i type into website form. Excerpt this the general grade for this tool is 5.0!

This review is for a previous version of the add-on (1.5). 

Rated 3 out of 5 stars

Useful add-on. Only thing I don't like is that it doesn't indicate whether a password hash is being generated or you're just submitting your master password.

This review is for a previous version of the add-on (1.5). 

Firefox 3.0 RC1 compatible version available! Rated 5 out of 5 stars

PwdHash 1.5 is compatible with FF 3.0 RC1 and is available on the Standford website! It is in the review queue for addons.mozilla.com but you can download it directly in the meantime.

http://crypto.stanford.edu/PwdHash/#download

This review is for a previous version of the add-on (1.5). 

MyAccounts -2 Rated 5 out of 5 stars

I use pwdhash for 4 email accounts, 3 ISPs, 2 credit cards, 1 credit union, 1 bank, the patent and trademark office, and many e-commerce sites for which I don't want to remember individual passwords. Also I've made it my ie homepage so I can copy-paste into popups that don't accept the @@ prefix. I've only found 1 brokerage and 1 employer that are incompatible in password policy.

If you download the pwdhash.com webpage to a usb flash memory, you can edit the default site address from example.com to a website which you want to access when you are away from a computer with the add-on.

This is a perfect solution for the "common password" problem in that it is common for people to reuse the same password for multiple purposes.

If this were available on my iPhone browser, my life would be even better.

This review is for a previous version of the add-on (1.3). 

Recommended for everyone. Rated 4 out of 5 stars

There are very few sites this tool cannot be used on (such as those with flash registration forms, sites with multiple domains that use a different one for registration and login, etc.), but you can usually still change the password later and use it even in some cases. I would recommend this tool to anyone, simply because, being an IT guy, I know how foolish some people are with passwords. Using a hash function based on the domain prevents these users from actually using the same foolish password for every site, even if they use the same foolish password for every site. The only thing you really have to take into account is those sites that have restrictions on password length/characters. You have to adjust the password accordingly, but it's pretty simple. I give it a 9 out of 10.

This review is for a previous version of the add-on (1.1). 

Good, when it works Rated 2 out of 5 stars

Other reviews have mentioned the problem of sites requiring a different syntax for passwords than PwdHash generates, and there are a number of different possible problems here. For some, the generated password is too short or too long, others require special characters in the password that PwdHash doesn't generate (others forbid these characters).

But I've encountered a couple of other problems as well. For some sites, it just doesn't generate a password, but leaves the master password you type, which gets sent to the site. I now know to type in the confirmation password using the opposite prefix (@@ vs F2) than I used for the original password. If the site says that they don't match, I know that PwdHash didn't work. Often, I can look to see if the number of asterisks changes when I tab out of a password field; if it doesn't, then PwdHash didn't work, and I don't have to submit the form to find that out.

Another problem I found is on some sites, I was able to successfully create a password,
but when I went to log in again, PwdHash told me incorrectly that the caps-lock was on after I typed the F2 key and a single character. If I typed @@ and the character, it told me that my password was too short to protect.

Queries I made about these problems to the authors have been unanswered.

This review is for a previous version of the add-on (1.1). 

The Good, the Bad, and Ugly Rated 4 out of 5 stars

It's good to have such a convenient plug-in. I used it quite a bit. The bad part about is that some passwords it generates are either too long or invalid for so called SECURE web sites. The ugly part is these SECURE websites claim it is more secure to restrict usage of longer passwords or restrict usage of to certain characters. NOT!!!

Oh well. I still love this tool. Hopefully such web sites as www.navyfcu.org, home.americanexpress.com, will consider the benefits of pwdhash and loosen up their password format restrictions.

Another problem is, for example, www.quicken.com that has a second domain, quicken.intuit.com. This gets a little bit complicated if you do not recall which domain you used when you hashed your password.

Hopefully, those potholes will be fixed by enhancement of pwdhash to account for such inconsistencies or the web site application developers make their sites compatible with pwdhash.

Other than that I like pwdhash and feel more secure using it. Hopefully it will get better over time.

This review is for a previous version of the add-on (1.1). 

very nifty Rated 5 out of 5 stars

This is a extremely useful plugin. Just remeber one password, and let this plugin do the magic!

This review is for a previous version of the add-on (1.1).