Reply to post: Re: Not because we are silly or lazy.

Archive of 1.4 billion credentials in clear text found in dark web archive

Saul Dobney

Re: Not because we are silly or lazy.

The password masher takes a simple password and mashes it against the domain seeded with some fixed options to produce a strong password. That strong password is unique to the domain, so the password doesn't get used anywhere else, so no password leakage. By hashing the domain, the password and some hidden fields, reverse engineering back to the simple password is very, very hard (more so since there's an additional level of personalisation possible). The simple password stays local, but doesn't need to be stored or written down itself, while the code for mashing runs locally, again so the password itself doesn't get exposed.
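The derivation described in the comment above, as an added sketch that is not part of the original post and not the code of any particular password-masher tool. PBKDF2-HMAC-SHA256 stands in for the unspecified hash, and the names `mash` and `hidden`, the symbol set, the length limits and the iteration count are all assumptions.

```python
import hashlib
import string

# Character classes are an assumption; adjust to each site's password policy.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, "!#$%&*+-=?@_"]
ALPHABET = "".join(CLASSES)


def normalise_domain(domain: str) -> str:
    """Map 'WWW.Example.com.' and 'example.com' to the same seed."""
    d = domain.strip().lower().rstrip(".")
    return d[4:] if d.startswith("www.") else d


def mash(simple_password: str, domain: str, hidden: str = "",
         length: int = 16, iterations: int = 200_000) -> str:
    """Derive a per-domain password; nothing is stored or sent anywhere."""
    if not len(CLASSES) <= length <= 32:
        raise ValueError("length must be between 4 and 32")
    dom = normalise_domain(domain)
    # Length-prefix the domain so (domain, hidden) pairs cannot collide.
    salt = f"{len(dom)}:{dom}|{hidden}".encode("utf-8")
    raw = hashlib.pbkdf2_hmac("sha256", simple_password.encode("utf-8"),
                              salt, iterations, dklen=64)
    n = int.from_bytes(raw, "big")  # 512 bits of derived material
    chars = []
    for i in range(length):
        # First four picks guarantee one character from each class.
        pool = CLASSES[i] if i < len(CLASSES) else ALPHABET
        n, idx = divmod(n, len(pool))
        chars.append(pool[idx])
    # Deterministic Fisher-Yates shuffle so the class picks are not always first.
    for i in range(length - 1, 0, -1):
        n, j = divmod(n, i + 1)
        chars[i], chars[j] = chars[j], chars[i]
    return "".join(chars)


if __name__ == "__main__":
    # Constructed sample inputs.
    for site in ("example.com", "www.example.com", "example.org"):
        print(site, mash("tiger", site, hidden="my-personal-salt"))
```

The simple password is the only low-entropy secret in the scheme, so the slow key-derivation step and the hidden value are what make guessing it from one leaked site password expensive.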
