Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

To add to that

4. You will need a clipboard everytime to copy paste which is not very safe

Suggestion: Add a salt parameter to make it less deterministic, keep these salt in a personal database



The clipboard is indeed unsafe. I don't use the clipboard. On my Linux machines I use xte (apt-get install xautomation) to have my script enter the password after a delay of 3 seconds which is enough for me to switch windows and click on the password field where it needs to be entered.

On phones I just type it in after looking at it, or compute on my computer and punch into my phone. I can memorize a 20-character string for a short time. In the future I might make a device to plug in via OTG cable, emulating a USB keyboard, to enter the password into phone apps. Another option for phones is key injection using /dev/uinput which is accessible if you run Cyanogenmod.


> I can memorize a 20-character string for a short time.

Now I see why such a system works for you. Very few people can do that in case you didn't know.


There is probably some room for optimizing this by changing the used character set or using some rules for producing "pronounceable" strings.


There is already a tool that can do this for you: pwgen. It's probably in your repositories but you can also get it here.

https://sourceforge.net/projects/pwgen/


What I meant is that it would be interesting to plug such tool as an final encoding step of some variant of KDF(master, domain)


We could use entropy from the PBKDF2 output to select English words from the OED.

https://xkcd.com/936/





Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: