-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Alternatives & Security #4
Comments
The basic idea of just "use a reasonable cryptographic primitive to mix a master password with the pw-specific token" should be quite safe so long as your master password is strong. There's a reason this has been reinvented several times. ^_^ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there, I wrote a similar tool, as did some other people; the ones I know about I listed here. I use this password scheme daily (although I actually use another, private implementation).
Since I'm not in security research, I'm a bit unsure about how safe this idea is (I trust it enough to use it, of course). So if you find any research on this I'd be interested to know. Thanks!
The text was updated successfully, but these errors were encountered: