This page generates site-specific passwords from a single master password by using a secure hash algorithm (SHA-256). It works by concatenating the name/domain of a site and the master password, generating a hash of that value, encoding that hash as Base64 and then truncating the result to 15 characters. This approach is useful for mitigating the security risks of password reuse. If a single site-specific password is compromised the other passwords generated from the same master password remain secure (assuming a strong master password).

This password generator is implemented purely as client-side JavaScript (depends on Cristoph Bichlmeier's sha256.js) to avoid sending any sensitive values across the network.