Author Topic: Inconsistent Results Phone/Web/Download  (Read 5082 times)

Offline xd11

  • Normal Members
  • *
  • Posts: 1
Inconsistent Results Phone/Web/Download
« on: July 19, 2010, 05:02:11 PM »
Recently discovered PM and it looks like exactly what I decided would be the best way to manage my passwords.  However, while using clues from the website I wanted to log into and my own mental hashing (with help from a calculator) would have worked it may not have been truly secure.

I first downloaded PM to my iPhone.
Then downloaded to my windows PC
Then tried the on web version.

Each one gave me a different result.
I used MD5
I used aol.com as the URL.  I used a very simple one word alpha password, the same case of coruse
I did not use any of the extra pieces (seeming a bit different in each of the three aps). NO modifier, Leet, Prefix, etc.
I did only use A-Z,a-z,0-9 and made sure they were listed in the same order in each when I had a choice.
I used 14 as the password length but found the same with other lengths.

Any thoughts other than I am a complete idiot? 

Offline itismike

  • Normal Members
  • *
  • Posts: 2
Re: Inconsistent Results Phone/Web/Download
« Reply #1 on: August 31, 2010, 04:07:08 PM »
I have exactly the same question. How can I use this on my Android phone and my Firefox browser if the resulting hashes don't match? I was able to get the FF plugin to match the Javascript page, but I can't get the Android app to mimic the resulting hash.

Offline itismike

  • Normal Members
  • *
  • Posts: 2
Re: Inconsistent Results Phone/Web/Download
« Reply #2 on: August 31, 2010, 04:25:55 PM »
I think I just figured it out. I was reading another forum thread about someone who had concerns about having the same passwords as someone else if they happened to use the same master password. Turns out that the PW generation function also uses your username, and I had entered a username in my Android app. When I enter that same username in my web app, the resulting passwords match fine.

Offline Miquel 'Fire' Burns

  • Administrator
  • *****
  • Posts: 1157
  • Programmer
Re: Inconsistent Results Phone/Web/Download
« Reply #3 on: August 31, 2010, 08:11:52 PM »
About EVERYTHING you enter on the web app (and the versions that use that as reference for it's UI) basically uses every field for the hash.

Actually, I'm amazed the original topic was never responded to.
"I'm not drunk, just sleep deprived."

PasswordMaker Forums

Re: Inconsistent Results Phone/Web/Download
« Reply #3 on: August 31, 2010, 08:11:52 PM »