• home
• help
• about
• tools
• blog

Help!

Questions? Having problems with simplepassword.com? We'd like to help. Check out that FAQs below, there's a pretty good chance that your question has been asked before. There's also our support pages which you access either through that link or using the "Feedback" tab which you should find at the right of each page. If that doesn't solve the problem, then feel free to get in touch

Frequently Asked Questions

Why should I use this site?

Well, the important thing here isn't so much that you use this site, it's that you use a different password for each website that you login to. Once you have committed to that, then you're going to end up with a problem remembering all of those passwords. We'd like to think that we're a nice, simple solution to that problem and we hope that you do too.

Why should I use a different password for each website?

There are a lot of websites out there. Some, like most banks for example, take the security of your information and the access to your account very, very, seriously. Other sites are not quite so thorough. If you share a password between a number of different websites then you're exposing yourself to a classic "weakest link" problem. If any one of these websites is somehow compromised, then all of your accounts are going to be compromised as well. The simple, obvious solution to this is to use a different password for each site.

How does it work?

We use your master password and the address of a website to calculate a password. The same master password will give a different password for each different website. Equally importantly, the calculation will always give the same password for a given master password / website combination. In other words, once we've calculated a password for you, then we can re-calculate it for you as long as you use the same master password. We do this by using a cryptographic hash function.

What is my master password?

The whole point of this site is to provide you with a mechanism of remembering only a single password, yet being able to generate passwords for each website you visit. The single password you have to remember is called your master password. We use this password together with the address of the site to generate a password for a site. So the password that you generate will be different from the password I generate for the same site.

Do you store any passwords?

Nope. We calculate the password every time you use this site and we never store your master password. This does of course mean that you have to be careful about remembering your master password. Since we never store it, we cannot help you retrieve it.

If you know one of my generated passwords, can you work out my master password?

Nope. One of the features of a cryptographic hash is that it is a one way function. We can repeatedly use your master password to generate a password for a site, but it is not possible to calculate your master password given one of the generated passwords.

I've forgotten my master password

Ah, you're in a spot of bother then. We do not ever store your master password, and it is an important feature of this site that we cannot work out your master password from any of your generated passwords. Your best bet is to pick a new master password, one that you can remember, and re-generate new passwords for each of your sites.

What is a cryptographic hash?

A hash is a term for a calculation which takes some text and computes a value from it. Given the same text as input, a hash will always return the same result. A cryptographic hash has some extra properties which make it useful for us - the chances of two different inputs returning the same hash value are very low and it is very difficult to modify the input without changing the calculated hash.

Why should I use this site rather than password management software.

We think that we're better because we're simpler than other approaches to managing your passwords. With other password management solutions you usually have an encrypted database of passwords stored somewhere on your computer. Which means that you will then have to take very good care of this database, make sure it is backed up etc. It also means that you do not have access to your passwords when you are not at your computer, although some software does sync passwords onto your mobile device. To be fair, though, most password managers allow you to do a lot more that we're trying to do here. You can save different kinds of data, such as credit cards, and annotate your userids / passwords. We've deliberately kept things as simple as possible here, because we believe that a simple solution is all that is called for. If you want something more sophisticated, then you might want to look at some of the alternatives out there.

How do I generate a password of a certain length?

All the passwords that we generate are exactly 20 characters long, if you need something shorter than that then you can use part of the password

How do I generate a password containing a specific number if characters and letters?

We've been trying very hard to keep this website very simple and, for the moment, we feel that allowing you to generate passwords in a format of your specification would un-necessarily complicate this site. In other words - you can't. You are, of course, free to leave feedback on our support pages regarding this.

My account requires me to change my password every x days, how do I generate a different password?

There's really no validation on the website field, you can put whatever you feel is suitable into that field. Each different value will give you a different password. So you could, for example, input "mysite.com<today's date>" or "mysite.com/<number>" to generate a password. Be careful if you do something like this, though, that you remember the scheme you've used, as you'll need to input the exact value should you need to re-generate your password.

This sounds risky to me, what happens if I use your site to generate all my passwords and then you disappear?

Fair point, but if that did happen we wouldn't take your passwords with us. All of the passwords you have generated would be perfectly good, safe passwords. All you would loose would be the ability to re-generate passwords.

Can I use this site on my phone?

Yes, just use the same URL, the site should render fine on modern smart phones ( although there is, as yet not a mobile specific version of the site )

What makes a good master password.

Something that you will not forget, something that no-one will be able to guess. There's been a lot written on what makes a good password, it all applies equally well here.

I have more than one userid for a site, how do I generate different passwords for each.

There's really no validation on the website field, you can put whatever you feel is suitable into that field. Each different value will give you a different password. So you could, for example, input "userid@mysite.com" or "mysite.com:userid". Whichever scheme you choose, just be sure to be consistent about it in case you should ever need to re-generate the password.

What should I put in the Website field?

There really isn't any validation on that field, so you can put in whatever you want. We recommend putting in the address of the website minus the protocol / www prefixes. So for http://www.google.com, I would suggest just using google.com. Having said that, the only important thing is that you are consistent, so that when you come to re-generated a password, you will be sure of the correct value for this field