How Password Chameleon works

Here is detailed information about how it works, in case you're curious, geeky or cautious.

Passwords are generated every time you need them

Password Chameleon uses a technique called "hashing" to combine your secret password with the address of the site and produce your password.

  • Passwords are never saved.
  • There is no database of passwords that could be hacked.
  • Passwords are generated on your computer using JavaScript, so nothing is sent over the internet.

Encryption and encoding

Password Chameleon uses SHA-1 encryption to generate each password.

SHA-1 is a cryptographic hash function designed by the United States National Security Agency.

  • A "hash" is generated from your secret password and the site name using SHA-1.
  • If someone finds out one of your passwords, they cannot "work backwards" to discover your secret password.

Passwords are 10 character, 64-bit sequences.

  • Passwords are 10 characters long.
  • There are 64 different characters that can appear in your passwords.
  • Passwords are made up of letters, numbers and punctuation marks. You'll always get at least one of each.
  • The passwords are rated "very secure" by all password checkers we have tested.

Made for humans

You're only human. We get that.

  • Passwords do not contain easily confused characters, such as 0 and O.
  • Site names are not case sensitive, because iPads and smartphones sometimes try to capitalise things for you at awkward moments.
  • When you paste a full site address into one of our apps, it shortens the address for you automatically.

Next page »