To guess the next character you'll type, we send the characters you have already typed to query our prediction engine.
The prediction engine uses a database of common passwords and phrases that is too large for us send to your computer.
To measure how much of an effect Telepathwords has on your behavior, we also send and maintain a log of your mouse movements
and the timings of when characters are added to or removed from your password.
This log does not contain the actual characters you type, but it does indicate whether each character was
among those predicted by Telepathwords.
We use this log for research intended to increase our understanding of how users choose passwords and how to help them choose better passwords in the future.
This research may include collaborators outside Microsoft (such as the collaborators at Carnegie Mellon University who helped build Telepathwords)
and we may share these logs with them for this purpose.
To protect the contents of the log, we encrypt log entries on your browser, before they are sent to our server.
We do not keep the keys required to decrypt the log on any publicly-facing server.
(Our servers create a random, unique key for each log, transfer that key to your client, and encrypt the key with a public key that
is not stored on any publicly-facing server.)