SuperGenPass and Password Composer are password generators, which
generate different passwords for each site you use based on a single master
password. This gives you the convenience of only remembering one password as
well as the security of using different (and strong) passwords for each site.
This means that you won't have all your accounts compromised when1 one of
them is compromised.
Most password generators are implemented as browser extensions or
bookmarklets, since they are most frequently needed in a web browser. I've
been wanting to start using a password generator, but I wanted to be sure that I
could access my accounts even if I didn't have a web browser accessible. The two
situations I could think of were a command line only system (e.g. SSH) and my
Surprisingly, I couldn't find a command line implementation of SuperGenPass, so
I wrote one in Python. I also couldn't find any J2ME or Symbian
implementations, and so wrote my own one in J2ME. They both support subdomain
stripping and configurable password lengths. They don't support salted
I chose SuperGenPass over Password Composer because it uses a better scheme.
Password Composer only uses hex characters, whereas SuperGenPass uses a
base64 encoded hash. SuperGenPass also hashes the password multiple times
(which would slow down a brute force attack to find the master password) and
imposes complexity requirements on the generated password (which reduces the
chances that the generated password can be brute forced).