Working on a large web based application has had me thinking a lot about password security. In our app all our passwords are stored in double hashed strings, but how do I know other sites are being as thorough. They days of being able to use one password for everything are over. A lot of people are an SQL injection away from losing a lot of personal information.

That’s why I was thrilled when I stumbled upon this bookmarklet. The page is pretty self explanatory, but to summarize; Drag the bookmarklet into you browser. Then when you’re on a site that asks you to make a password you click on it, enter your “master password” (that way you still only have to remember one) and it will generate a password for you to use on the site. Next time you need to remember that password to get back into the just repeat the steps and it will give you the same password again. It generates the password based on the host name of the site you’re on and your master password, but there’s no way for anyone to be able to decipher your master password from it.

Hey all. Things are starting to quiet down to at least a manageable whirlwind of activity. As such I should have some time to actually start blogging. I’ve got some good little nuggets saved up for as soon as various things go public. Here’s a little something to tide you over.

About a month ago I was alerted to the Amazon Elastic Computing Cloud. This beta (whoo, web 2.0!) service allows you to create any number of virtual servers within the cloud that you can use for any legal activity your heart desires. The data use and machine time rates are pretty reasonable, and the whole thing is tied into Amazon’s S3 storage system.

Around the office the EC2 has come to be known as Amazon’s floating death laser because of the potential power it could give you. The distributed computing possiblities are limitless. Suddenly the speed of your server or the size of your pipes are not a limitation when it comes processing large amounts of data. I really think this could be Amazon’s killer app once it’s public.