Anti-Phishing Passwords

By | August 2, 2005

An obvious but effective technique against phishing, here: altering each password so it’s tied to the domain name of the site. Then, if you’re trying to sign in to a phishing fake site, the password won’t match and won’t work. Here’s the story from InformationWeek – Stanford Computer Scientists Unveil New Anti-Phishing Software :

A pair of Stanford University computer science professors unveiled today a new password scheme designed to thwart phishing at bank and other sites where a user’s identity and money are at risk. Dubbed PwdHash, the technique involves hashing the user’s password with the domain name of the site in a way that ensures that the target site is the real one, and not a site designed by phishers to capture user information.

Here’s the site itself.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.