Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Alternatives & Security #4

Open
odanoburu opened this issue Sep 8, 2022 · 1 comment
Open

Alternatives & Security #4

odanoburu opened this issue Sep 8, 2022 · 1 comment

Comments

@odanoburu
Copy link

Hey there, I wrote a similar tool, as did some other people; the ones I know about I listed here. I use this password scheme daily (although I actually use another, private implementation).

Since I'm not in security research, I'm a bit unsure about how safe this idea is (I trust it enough to use it, of course). So if you find any research on this I'd be interested to know. Thanks!
@tabatkins
Copy link
Owner

The basic idea of just "use a reasonable cryptographic primitive to mix a master password with the pw-specific token" should be quite safe so long as your master password is strong. There's a reason this has been reinvented several times. ^_^

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tabatkins @odanoburu