On 2019-02-05 22:17, Neil Bothwick wrote:
On Wed, 6 Feb 2019 04:28:49 +0800, Mark David Dumlao wrote:
My own solution is actually very simple. I have a "secret algorithm"
that incorporates several secrets with a predictable way to generate a
site-specific secret. The end result is a 100% predictable way to
generate unique passwords for every site that are cryptographically
secure from each other (you cannot derive
one from the other) which can be generated by any device using the
appropriate tools.
The was a tool in portage this did this. I tried it but it did not work
in the real world because you couldn't set a rule for generated
passwords
that matched the requirements of all sites, for example some require a
non-alphanumeric character while other sites only allow alphanumerics.
I can remember what the tools was called, although I'm pretty sure it
was written in Python. I'd be interested to know how you get around the
conflicting restrictions as this seems a good way to do things.
By using an existing tool you have to live with its restrictions always.
But who says that it could not be done? At least Mark's solution will
(maybe) not work for everybody (yet), but he did think about an issue
and found a way/solution which sounds really reasonable.
--
Sent with eQmail-1.11 beta - a fork of djb's famous qmail
