HIPPO password manager uses cryptography to generate site-specific logins on demand, slashing lockout risk and easing real-world security stress.

IEEE Spectrum's platform is a central hub for technology enthusiasts and professionals, offering insights into  technologies, engineering innovations, and scientific discoveries. Through articles, reports, and interviews, IEEE Spectrum offers insights into emerging technologies, research breakthroughs, and industry trends across various domains. Readers can stay updated with the latest advancements in technology and explore the impact of technology on society and the environment.

IEEE Spectrum

HIPPO (Hidden-Password Online Password) is a storeless password manager implemented as a browser extension that derives site-specific passwords on the fly from a single master password using an oblivious pseudorandom function (OPRF). Neither the master password nor derived passwords are ever stored locally or on a server. A small user study (25 participants) found HIPPO scored significantly higher than traditional manual password entry on perceived security (4.04 vs 3.09 out of 5) and trust (4.00 vs 3.30), and was also rated easier to use despite requiring an extra activation step. The researchers plan follow-up studies covering longer-term usage, master password change scenarios, and account lockout risks.

HIPPO Turns One Master Password Into Many Without Storing Any

User Perception and Trust for Password Managers

<p>Cool idea, I like the no-storage approach</p>
