Why?If you already have the SuperGenPass bookmarklet added to your browser, go on, give it a try on this page.If your SGP bookmarklet is open to sniffing, you'll see one or two red boxes appear here: What is SuperGenPass? (aka SGP)SuperGenPass is a bookmarklet that you use to generate site-specific passwords. All you need to remember is one password!Read this page for more information: Frequently asked questions AYSuperGenPass vs the Official SuperGenPassBetter Compatibility with ChromeAll of the fixes mentioned in this thread have been integratedMore SecureThe issue illustrated above with SGP is that every bookmarklet generated uses the same predictable IDs for its password fields (e.g. gp2_master, gp2_show_pass, gp2_show_master_pass).Each bookmarklet generated below has randomized element and function identifiers! No two bookmarklets generated on this page are the same! More PrivateThe original SGP (v2.01) bookmarklet code loads two images from the supergenpass.com server:var%20FieldFoundStyle=(TestImage.complete)%3F'%23fff%20url('+FieldFoundData+')%20no-repeat%20top%20right':'%23fff%20url(http://files.supergenpass.com/img/sgp0.gif)%20no-repeat%20top%20right';var%20FieldPopStyle=(TestImage.complete)%3F'%23fff%20url('+FieldPopData+')%20no-repeat%20top%20right':'%23fff%20url(http://files.supergenpass.com/img/sgp1.gif)%20no-repeat%20top%20right';The above code sets the background of specific elements as http://files.supergenpass.com/img/sgp0.gif or http://files.supergenpass.com/img/sgp1.gif. This means that every time you click on the SGP bookmarklet, it will pings the files.supergenpass.com server, where your IP address, current site, and browser user agent are logged. I wasn't comfortable with this so I took it out! My modified SGP bookmarklet does not include these two URLs (or any external callbacks for that matter). |
Generate Your Unique AYSuperGenPass BookmarkletError: Master passwords empty or do not match. Error: Stealth passwords do not match. |