PasswordMaker Forums
Firefox/SeaMonkey/Mozilla/Netscape/Flock Browser Extension => Help and Support => Topic started by: Rogue on July 18, 2005, 06:32:50 PM
-
I have read threw the forum post and haven't been able to find a way to fix my problem. Alot of my passwords are of the 0.6 version and when i went to the 0.7 version i'm unable to get the same pw. When i put in the 01234567890abcdef i am unable to generate the same pw. Am i missing something? Thanks for the help
version 0.6
settings, - master pw
yahoo.com
i33t =6
hash =hmac-md4
length =10
pw=8c2d8bfab9
version 0.7
all settings the same but pw=15b0305072.
Thanks again,
Rogue
-
sry left out the url setting. the url setting is on domain
-
Hi Rogue,
There's a typo in the character "tips." The characters to use are not 01234567890abcdef but 0123456789abcdef. Sorry for the confusion.
Regards.
Eric
-
Thx for the quik response back to me. thanks i will give it a try. Is this noted elsewhere in the forums? sry if i missed it.
Thanks for putting out such a good product. It is so handy and as anyone can see by your quik forum replys you give alot to taking care of the people that use it.
Thanks alot and keep of the great work
-
Hi Rogue,
Yes, it was discussed here (http://forums.passwordmaker.org/index.php?showtopic=96), but don't worry about not finding it. It's usually easier to post a new topic than searching through the old ones... :)
Thank you very much for the compliments. They mean a lot.
Regards,
Eric
-
I've nearly same problems. On some websites PM 0.7(.1) seems to generate different passwords then 0.6. I left the character field empty, most of the passwords work but in some cases they doesn't, but I can't find any differences in my settings or the domain...
Maybe someown has an idea...
-
Hi,
I left the character field empty
That's the problem. The character field should be 0123456789abcdef if you want to get the same passwords from 0.7 as 0.6 generated.
Regards,
Eric
-
OK, I will try this, but why do some passwords work with the character-field empty and other ones don't ? :rolleyes:
-
No luck. I'm using HMAC-MD5 but v.6 and v.7 with 0123456789abcdef, gives different passwords. Only 'domain' is selected as the URL component.
Please help/
-
It's just not possible. Can you show me a screenshot of your settings?
-
sure. I can but I can't figure out how to post screen shots (I've them as jpgs).
-
Upload them to imageshack.us (http://imageshack.us) and copy/paste the links here.
Alternatively, you can type all the values you are using, but I'd prefer to see screenshots because that way no stone can be left unturned.
Thank you,
Eric
-
I've uploaded the screenshots. The top image is from v0.6.
(http://img301.imageshack.us/img301/2263/pwmaker4er.jpg)
Thanks for the great piece of software. It rocks!
-
Hi,
I can't duplicate your problem. Here's a screenshot of what I get with your settings using PasswordMaker 0.7.1. The same password is generated as what you show in 0.6:
(http://img28.imageshack.us/img28/9298/fee6zi.th.jpg) (http://img28.imageshack.us/my.php?image=fee6zi.jpg)
(click thumbnail for larger image)
What do you suggest?
Regards,
Eric
-
Hmmm... I'm surprised and shocked. How did you get my same password "c1ca8854" generated on your v0.6 instance without knowing the master password?? I thought given the password, and the website it is impossible to reverseengineer the masterpassword. Please explain! Is there a security hole somewhere? Hope not since this is a great piece of software.
-
How did you get my same password "c1ca8854" generated on your v0.6 instance without knowing the master password??
I left the master password empty.
I thought given the password, and the website it is impossible to reverseengineer the masterpassword
That's right. It would take many lifetimes to reverse engineer the master password -- assuming you're using one!
Is there a security hole somewhere? Hope not since this is a great piece of software.
Thank you. No, there's no security hole. You really must use a master password or you'll be susceptible to the very attack that happened here -- I happened to leave the master password field blank/empty, and got the same results as you because all the other settings were the same.
If you select a master password instead of using an empty one, it will take many lifetimes for anyone to reverse engineer your master.
Hope this answers your question -- let me know if you have any others,
Eric
-
Thanks for the quick reply. Wow I feel better now!
Sound like we need some warnings to indicate a blank or insufficient length master password. Afterall the strength of the generated passwd depends on the strength of the masterpassword.
A blank password without warnings is easy to miss, since PM generates a password anyways and one (after several uses) does not pay attention and use the shortcut keys to copy pwds.
Please consider adding a warning in the next patch. Thanks much!
-
I really have been out of town and really haven't used it, so sry for such a late response.
Well this is what i'm getting. With 0.6 and 0.7.2 i get the same pw minus the master pw, all things being set the same. When i put in the master pw the first digit of the pw gets moved to the back of the new password with 0.7.2.
ie 0.6 = 0abccab125
0.7.2= abccab1250
I have been able to duplicate at my work pc and on the online version.
-
Please consider adding a warning in the next patch.
OK, I will do that.
RogueMD, what characters have you specified in the Characters field for PasswordMaker 0.7.2?
-
In the new update it is fixed, but i put in 0123456789abcdef.
really is odd, there is no reason that if i get the same pw in both versions that just adding the master pw should change the overall pw
-
So everything's working for you now?
-
No sir, still is not working for me.
-
sry last two post were me. just didn't put my name in
-
I don't understand. You wrote:
In the new update it is fixed, but i put in 0123456789abcdef.
So what's the problem you've having?
-
In 0.7.2 the charactors that are auto placed are correct. In the other versions they had the extra 0 between the 9 and the A.
-
OK, so is there anything else I can help you with? It seems everything's working for you now...
-
Yes i'm still having this problem.
Well this is what i'm getting. With 0.6 and 0.7.2 i get the same pw minus the master pw, all things being set the same. When i put in the master pw the first digit of the pw gets moved to the back of the new password with 0.7.2.
ie 0.6 = 0abccab125
0.7.2= abccab1250
I have been able to duplicate at my work pc and on the online version.
-
OK, now I understand. This bug is being discussed here (http://forums.passwordmaker.org/index.php?showtopic=144&view=getnewpost), too.
Please read that thread and post your suggestion about what to do over there...
Thank you,
Eric
-
Sry for all of the confustion that i put you threw. Thanks for the link. I will check back on the forums to see the final outcome of this issue. I will just go and change all my pw's to the 0.7.2 version. Sounds like that is just going to be the easiest way to fix the problem.
Might want to make a locked post explaining this problem, so you don't have to go threw this again. I know you have spent alot of time on just this thread, again sry for that and keep up the solid work.