Product: PwdHash (Password Hash)

Developers: Stanford University professor John Mitchell, associate professor Dan Boneh and students Blake Ross, Collin Jackson and Nick Miyake

In May 2006, nearly 12,000 malicious phishing Web sites were identified by the Anti-Phishing Working Group, a Los Altos, Calif.-based industry association focused on eliminating the scams. That's up from 3,300 sites a year earlier. Phishing scams trick users into sending their passwords to an unintended Web site -- often unlocking access to bank accounts or other financial data.

But some professors and students at Stanford University are taking a big bite out of this crime with Password Hash (PwdHash), a plug-in for popular Web browsers that prevents phishing sites from getting what they want.

"Internet users often use the same password at many Web sites," says Dan Boneh, an associate professor of computer science and electrical engineering at Stanford. "A phishing attack on one site will expose their passwords at many other sites."