In association with heise online

14 February 2012, 15:19

Firefox extension illustrates password reuse

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zoom Green points designate passwords and blue points are web sites. The orange connections indicate similar passwords
Source: Mozilla
The Password Reuse Visualizer extension for the Firefox web browser provides a visual representation of password reuse across multiple web sites. The extension works by analysing the data stored in the browser's password store using the nsILoginManager interface to read a user's saved credentials.

Password Reuse Visualizer, which was developed by Mozilla employee Paul Sawaya, uses this to generate a map showing each password as a green point, with blue points representing web sites. If one of the green password points is connected to multiple web sites, this shows that the password is being recycled. For very similar passwords used on different sites, the extension visualises this using an orange line.

Recycling passwords is convenient, but represents a major security headache. It enables an attacker, by hacking one web site with which a user has registered, to then log into all of the other sites on which the same password has been used.

The Password Reuse Visualizer is available from Mozilla's Add-ons for Firefox site and supports version 9.0 of Firefox or later. Hosted on GitHub, source code for the Password Reuse Visualizer extension is licensed under version 1.1 of the MPL.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit