Alternatives & Security

Open odanoburu opened this issue 3 years ago • 2 comments

Hey there, I wrote a similar tool, as did some other people; the ones I know about I listed here. I use this password scheme daily (although I actually use another, private implementation).

Since I'm not in security research, I'm a bit unsure about how safe this idea is (I trust it enough to use it, of course). So if you find any research on this I'd be interested to know. Thanks!

Sep 08 '22 20:09 odanoburu

The basic idea of just "use a reasonable cryptographic primitive to mix a master password with the pw-specific token" should be quite safe so long as your master password is strong. There's a reason this has been reinvented several times. ^_^

Sep 09 '22 22:09 tabatkins