Um, what? The old method is a warning symbol or a checkmark to ensure the password fields match. Replacing that nice, intuitive, more accessible feature with this would be, excuse me, retarded. And it's not just colorblind people who would suffer. Do you really want to spend brain cycles trying to figure out if you're looking at the same shade of blue?
It's not very well presented in the demo (there's no need for the Confirm inputbox), but the point is not for password creation, but for login. From the author's github page (http://github.com/mattt/Chroma-Hash/tree/master):
Chroma-Hash displays a series of colored bars at the end of field inputs so you can instantly see if your password is right... Your password will display the same sequence each time, so you can learn to expect "blue, red, pink", for instance; if you instead see "green, purple, yellow", you'll know you typed it wrong.
So the chromatically-impaired will not lose anything over current functionality, they just won't get the benefit.
Wow, that changes everything. So now I have a security-compromising solution to the problem I currently solve by using a keychain or knowing how to type, and all I have to do is remember my 3 magic colors and figure out if that shade of blue is the right one.
You still have to remember your password. The colors alone will not get you in. Rather, they merely help you know whether you mistyped it before you submit.
I'm not arguing the merits of this concept; I'm just clarifying its intent. There has been a recent wave of design fury over the HTML password input field (the one that obscures keystrokes with dots) Sites with a bajillion users have become concerned about the small percentage of users who get frustrated by failed login attempts and leave. Wanting to avoid turning users away, they have started to experiment with ways to make the field more usable.
Perhaps user disengagement resulting from input type="password", for some, translates to a measurable amount of money. Or maybe it's just a matter of trying to reduce support costs from the volume of "I can't log in" calls.
Either way, it's an interesting problem for UI design specialists.
There's been a recent wave of design fury because Jakob Nielsen wrote his article on unmasking the password field and the bike-shedders of the world decided they had to weigh in with their 'improvements', not because this is any kind of newly urgent problem.
