1 comment

[ 3.1 ms ] story [ 14.6 ms ] thread
I have been looking for something like this since onelastpass.com was shut down. It used the same password=hash(domain+passcode) idea with a Chrome extension, except the hash was performed by a server. Obviously that approach has some security concerns.

I recommend hosting the code somewhere so it can be used outside the Chrome extension, e.g., for Chrome mobile. You can also use an <input type="password"> for the passcode field so Chrome will remember it.