Anti-Phishing Passwords

An obvious but effective technique against phishing, here: altering each password so it’s tied to the domain name of the site. Then, if you’re trying to sign in to a phishing fake site, the password won’t match and won’t work. Here’s the story from InformationWeek – Stanford Computer Scientists Unveil New Anti-Phishing Software :

A pair of Stanford University computer science professors unveiled today a new password scheme designed to thwart phishing at bank and other sites where a user’s identity and money are at risk. Dubbed PwdHash, the technique involves hashing the user’s password with the domain name of the site in a way that ensures that the target site is the real one, and not a site designed by phishers to capture user information.

Here’s the site itself.

Disclaimer

All opinions are my own, and not necessarily those of Thomson Reuters.

Reference

Categories

RSS loose wire blog