Subscribe
Sign in
WeHatePasswords 2.0 — You hate passwords. That's where we come in.
WeHatePasswords is a browser extension that replaces all password fields with easy to remember pixel art. Gone are the days of remembering complicated passwords. Simply draw to log in. Compatible with password managers.
25
Replies
Best
Mallowigi
It's a nice product, but a much more unusable than using passwords. Let me explain.
First, remembering words or phrases is much easier than remembering patterns. That's why requesting passwords to be "a mix of letters, numbers and symbols" is perhaps much securer than "neighbor" or "19840101" but much less rememberable for the human brain. Thankfully there are password managers that do the work for you, but if for some reason you don't have one at some point (firewall, don't remember the master password, etc...) then you are in a world of trouble. I'd rather have a *passphrase* than such complicated BS.
Now further complicate this by having to remember not words, not symbols, but DRAWINGS. And it's not only having to simply remember, you will have to be able to redraw it from memory.
As a result, this will lead to... simple patterns. A cube. A frame. A circle. A set of lines. A cross. And of course monochromatic. It's already hard to remember one color, having to throw other colors in the process is much more cumbersome.
Second, entering a password or a pass phrase is much, much quicker than having to draw something. You would have to make sure you are correct in your drawing. Drew outside the lines? Need to correct that. Again this would lead in only a few drawings that are really usable. No one would want to draw a Pikachu every time they need to enter their password.
Last and not least, this is not integrable with other tools. No password manager. No way to export passwords. No way to retrieve passwords in the case you forgot what you drew. It's plainly unusable.
Sure, it's fun, you can draw some great pixel arts with it. It is much cooler to show someone that you login to your app by drawing a Mario sprite or a Sonic one. But nobody in their right mind will actually use it in something they care or use all the time.
Report
Share
@mallowigi WeHatePasswords is compatible with all password managers, as the drawings are stored as strings behind the scenes. Your WHP drawings will automatically be saved in Chrome’s password manager (or others), and auto filled in on subsequent visits. It’s a 7x7 grid so drawing is very accurate, it’s hard to draw incorrectly. Also to touch base on your other point you don’t have to utilize all colors or even fill in all blocks. I urge you to try out the product for yourself before making any assumptions or calling it unusable. Use the discount code “producthunt” for 25% off <3
@daltonedwards Ok, if that's the case it's a good point for you, that makes it more usable. By the way I'm not picking about your product, perhaps I had a bit aggressive tone but that wasn't my intention, I was just expressing my doubts about such a solution.
And you are right, maybe it would have been wiser to try the product before talking, but it's not possible without buying. Good luck though.
I wonder, wouldn't using WHP result in a double security risk? I assume the drawing is converted to a string, which will be the actual password platforms know how to use. With that in mind, there are now 2 possible passwords that can be hacked: the generated string, and the drawing.
Can you clarify?
@poehah The security and entropy is in the string. If either is hacked , both are hacked. As the strings and drawings go hand in hand when encoding and decoding. In other words it’s not 2 separate keys. For example the string for a drawing that’s colored in all blue would be “BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB“.
Congrats on the launch! I love the innovation, although I do have to question: doesn't this make it really easy to steal someone's password by looking at someone's screen, even from a distance?
@userlastname This is a very valid concern. In a future release I’m adding an optional toggle that will hide what you’re drawing.
@userlastname @daltonedwards maybe that would make it more difficult for the user to draw the pattern...
A year ago I launched version 1 of WeHatePasswords. At the time it was available as a JavaScript widget that site admins had to implement, but I came to see that it makes more sense as a Google Chrome extension.
WeHatePasswords allows you to log in to any site simply by drawing an easy-to-remember pixel art.
You don't sacrifice on security either, here is some stats:
There is 178,405,960,000,000,000,000,000,000,000,000,000,000,000,000 possible drawing combinations. Compared to an auto-generated password in Safari which has 970,087,680,000,000,000,000,000,000,000,000,000 combinations. In this example WeHatePasswords is 183,907,046 times more secure than a traditional password.
A WeHatePasswords drawing would take a hacker with a modern computer 4,808,633,600,000,000,000,000,000,000,000 years to brute-force.
WeHatePasswords V2 is in beta and will improve as time goes on. I welcome you to report any bugs you find.
@daltonedwards Congratulations on the launch!
WeHatePasswords could be addressing this need gap - ' Password less authentication' posted on my problem validation platform - https://needgap.com/problems/49-... .
You're welcomed to explain how you're solving their problem, So those who need WeHatePasswords can find it easily.
So, knowing that one uses this tool, makes it easy for me to generate ((7*8) * (7*8)) = 3136) string combinations out of your tool, and then try them all on their account? - Which part of "178,405,960,000,000,000,000,000,000,000,000,000,000,000,000" am I missing here? & How to be recommending this to colorblind users? (:
So if I stored a password in the manager to use your app - the manager can log in for just one click, no need to spend time for drawing.
Maybe I don't understand something.
@piotr_zgierski yeah that’s exactly correct! The drawing is stored as a string and inserted into the password field behind the scenes, meaning WeHatePasswords works with any password manager out of the box. As it’s able to be saved in your password manager like a regular password
The high number of possible patterns is pretty meaningless if there’s only a minuscule subset people will draw. Nobody would make their “drawing” password a completely random array of colors. Most would do faces, objects, or repeating patterns.
@cadensumner Can say the same thing about people picking weak passwords.
@chrismessina Right now it’s only available as a Google Chrome extension. Very soon you’ll be able to download a Siri Shortcut that makes WeHatePasswords work inside mobile Safari on iOS.
As someone who is not a web developer or web genius like all the people arguing in here over language I couldn’t get enough adderal to begin to try and decipher, this actually is brilliant for us non tech geniuses (which is like 90% of the earth’s population). Fantastic job whoever you are. I’m in 👍🏼
