Anti-Phishing Passwords

An obvious but effective technique against phishing, here: altering each password so it’s tied to the domain name of the site. Then, if you’re trying to sign in to a phishing fake site, the password won’t match and won’t work. Here’s the story from InformationWeek – Stanford Computer Scientists Unveil New Anti-Phishing Software :

A pair of Stanford University computer science professors unveiled today a new password scheme designed to thwart phishing at bank and other sites where a user’s identity and money are at risk. Dubbed PwdHash, the technique involves hashing the user’s password with the domain name of the site in a way that ensures that the target site is the real one, and not a site designed by phishers to capture user information.

Here’s the site itself.

02. August 2005 by jeremy
Categories: Phishing, Scams, Security | Tags: , , , , , , , , , , , | Comments Off on Anti-Phishing Passwords