For the past few months, I've been exploring the current state of privacy on the web. I've also started building a set of tools designed to inform and empower the user by making the browser smarter. Of course, that broad goal could have taken me in many different directions (and as you'll soon see, it did) but I'm now ready to share my first tiny step down the most immediate path toward privacy management.
That most apparent path, I think, is better password management. Firefox is already pretty smart about discovering your passwords when you enter them into a form, and about filling out forms on the web automatically. Firefox's password storage is encrypted on disk with a master password, but the setting to change the master password isn't as discoverable as the password manager itself. The password manager does have a very simple interface for managing accounts and viewing passwords, but it offers no guidance to the user on how to use passwords wisely.
I began thinking about what a modern password management system might look like, and how it could actively nudge the user to make better privacy decisions without becoming ignored (or worse, hated) the way software usually is when it interrupts the user.
With that in mind, my first step toward a smarter password manager was to experiment with visual password hashing. As far as features go, it's almost entirely unobtrusive. It's worth an explanation, in case you haven't seen it before. Visual hashing allows your computer to display something about the password you've entered without actually displaying your password on the screen. The idea is to map the set of all possible passwords to a (smaller) set of visual cues. For now, I'm using four colors.
As you type your password, the four colors change. As time goes by, you'll remember your four colors and never attempt to log in with a mistyped password again.
Of course, visual hashing is usually thought of as a feature designed for the sake of convenience rather than security. It does make remembering passwords easier, which could make harder-to-remember passwords more manageable. As a feature within a password manager, I think it shows great promise as a UI metaphor for displaying your passwords on screen.
Additionally, there may be a genuine security gain from a password manager that stores only the visual hash of a particularly valuable password. Such a manager could still give the user a password hint and keep track of where passwords are being reused, all without having to solve the problem of storing the password itself securely on disk under a master password, a step I imagine many browser users skip.
One last thought: I was briefly concerned about unsalted password hash information leaking out through screenshots, which could be useful to someone trying to crack a password. To deal with this, the colors that are displayed are modified slightly each time, so that a visual hash doesn't tell you the password's exact hash, while still being instantly recognizable to the eye.
The visual password hashing add-on works automatically on every website you visit, and is available for both Mozilla Firefox and Google Chrome. Try it, and let me know what you think. Send comments to firstname.lastname@example.org.
And, of course, check out the source code.