|Michaël Lemaire b76d7c040a Dependency upgrade and use weakset instead of data-attribute||10 months ago|
|cli||1 year ago|
|dist||1 year ago|
|src||10 months ago|
|.editorconfig||1 year ago|
|.gitignore||1 year ago|
|.npmignore||1 year ago|
|README.md||1 year ago|
|activate_node||10 months ago|
|manifest.json||1 year ago|
|package-lock.json||10 months ago|
|package.json||10 months ago|
|tsconfig.json||1 year ago|
HashLock is an add-on for the Mozilla Firefox web browser, allowing you to use a different password on each website.
Important note : This is alpha software, and is not yet available on the official add-ons store. Use at your own risks.
Having a different password on each website is a strong security recommendation. This way, if a website is hacked, and your password is stolen, it can't be used on every website you've got an account on.
This add-on helps by generating a unique password for you, on each website you visit. The password is generated from 3 components :
http://www.mozilla.com/en/, the part
mozillawill be used)
bananawithout security risk)
The private key is added as an extra layer of security. The only downside of it is you have to keep it in a safe place, and you get to have it if you're not on your usual computer.
Once reaching a beta stage, the add-on will be made available from the official add-ons store.
If you are a developer, you can clone the repository, and use these commands to test the add-on:
npm install npm run build npm run browser
On the first install, the add-on will generate a unique private key. This key is accessible from the add-on's options page. This key is very important and you should keep a copy of it in a safe place. Don't change this key once it has been used to generate a password, or the password will change too.
Now, when you have a password field on a website, all you need to do is type inside a simple keyword of your choice, followed by the dash sign
# (for example, type
foobar#). You can use the same keyword on each site (it is even recommended). Once you click outside the password field, a secure password, unique to this website, will replace the typed one. The field should get surrounded by a yellow frame, so that you know it worked.
The only thing you have to remember is the keyword you typed before the dash sign, and always use it.
The site tag used to generate the password is extracted from the site's domain (eg.
www.example.com will use
example as site tag).
If the site detection is wrong, or if the password has been created on another domain (for example, live.com and microsoft.com share the same password), you
can specify the site tag with the syntax
By default, generated passwords are composed of 12 alphanumeric characters. To generate different length, or character sets, the syntax
foobar~12w# can be used.
The number is the length of generated password, and the letter is either
w for alphanumeric,
d for digits or
c for alphanumeric with a special character.
All syntaxes may be combined:
Sources can be found, reviewed, or contributed to, on GitHub.