> Password approach: This is interesting... masterpassword.app/what/

Agreed. I've heard of similar systems before, where all your passwords are generated from a master password (rather than stored). It does sound interesting/cool

I've never used that sort of system myself for two reasons:
- Compromising your master password gives an attacker access to all sites without the need for access to a device with your stored password.

- Changing your master password means changing all

That's the problem. But with some current cloud sync change master pwd and they wipe the DB. When is there a perfect solution? Lol yeah changing every pwd would hurt.

@ironmonkey Yeah, fair enough. I tend not to use cloud sync for similar reasons.

(I use and my own homebrew passgen.codesections.com and store my passwords on two computers, a raspberry pi, and my phone—that's more than enough of a cloud for me!)

@codesections @ironmonkey Another problem would be with sites that force you to change your password every so often.

@codesections @ironmonkey I had spun up my own similar solution years ago but it couldn't cope with weird password requirements. I don't know if this does but I would always have a site wanting one extra special character or a character would be forbidden. Some even choked when passwords were too long 🤦‍♂️

Yeah this one has different templates like passphrase long med short with/wo complexity. Then this is where this starts to fall apart. Now remember which you used for what.

Sign in to participate in the conversation

Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.