I assume most people use the same password for at least a couple of web sites. I used to cringe every time I signed up for some random site and they echoed back my plaintext password in an email. If someone happened across a password for one site, they could use it on another.
I used to mitigate the problem by using tiers of passwords. For example, I had one password which I changed often and used exclusively for work. On the other end of the spectrum, I had one password which I shared among all the random little sites and services which I didn't really care about securing. Coming up with and tracking a unique password for each site which I may never visit again was too much of a hassle.
PwdHash offers a much more elegant solution. I can always use the same password, but PwdHash hashes it with the site's domain before actually sending it. My real password never leaves my computer. Each site gets its own password, and there's no way they can figure out the password for a different site. To trigger PwdHash, all I have to do is press F2 before typing in my password.
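A minimal sketch of the idea described above, added here as an illustration and not PwdHash's own code: it derives a per-site password by keying HMAC-SHA256 with the master password over the site's domain. The function names, the HMAC-SHA256 and base64 choices, and the last-two-labels domain rule are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import ipaddress
from urllib.parse import urlsplit


def site_key(url: str) -> str:
    """Reduce a URL to the domain the derived password is bound to.

    Assumption: keeps the last two host labels. A real implementation needs
    the Public Suffix List to handle suffixes such as co.uk correctly.
    """
    host = urlsplit(url).hostname
    if not host:
        raise ValueError(f"no hostname in {url!r}")
    host = host.lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return host  # IP literals have no labels to trim
    except ValueError:
        pass
    return ".".join(host.split(".")[-2:])


def site_password(master: str, url: str, length: int = 16) -> str:
    """Derive the password that is actually sent to the site at `url`."""
    digest = hmac.new(master.encode("utf-8"),
                      site_key(url).encode("utf-8"),
                      hashlib.sha256).digest()
    # URL-safe base64 keeps the result typeable; truncate to the wanted length.
    return base64.urlsafe_b64encode(digest).decode("ascii")[:length]


if __name__ == "__main__":
    master = "correct horse battery staple"  # constructed sample value
    for url in ("https://www.example.com/login",         # same site ...
                "https://accounts.example.com/",         # ... same password
                "https://example.com.other.test/login"):  # different domain
        print(f"{site_key(url):<12} {site_password(master, url)}")
```

Both `example.com` URLs yield the same derived password, while `example.com.other.test` is bound to `other.test` and gets an unrelated one.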
I don't have to maintain a password repository across computers (that would be another security risk). If I'm on a computer where I can't install PwdHash, I can always go to their site and cut and paste the hashed password.
It's such a simple but effective idea. I hope other clients such as instant messengers pick up on it. In the meantime, I can always cut and paste.