This page comes with no warranty, and it might even be bad for your security or health! Please do pick good passwords, and take means to protect them. Here is some better advice on what to do...

This page is based on one called twonz, and the notes to it are below this paragraph. The difference is that this one uses a different sha-1 function. (Neither page uses SHA-1 for real, they both drop '+' and '/' from the output). Also, the testhash line always hashes the same text ('test'), so that way you can verify that you typed the password correctly.

original copyright

this webpage is a self-contained program for computing secure password choices using a keyed message authentication code. it is copyright (C) 1999 vengeance software, written by graydon hoare and released under the terms of the GNU general public license v2.0+

to operate it, key the first field with your passphrase (it is not stored nor sent anywhere outside your browser, honest -- read the code), then enter the name of the facility, site, URL, etc. that you want to make a password for in the second field. press the button, and a password will pop up in the 3rd field. It will always compute the same password, and it's quite hard for anyone to figure out the passphrase from the generated password (they would need a way through SHA-1).