
Show HN: Alzheimer password generator - viralpoetry
https://github.com/viralpoetry/alzheimer-password-generator
======
celticninja
Could probably do with renaming, plenty of other memory based words that could
be used rather than using Alzheimer's which is a terrible disease to be
afflicted with.

~~~
gmemstr
I second this, and I don't really know if a memory-deficient password manager
is a _good_ thing.

> Final password is cryptographically derived from web page URL address, salt
> and user provided secret passphrase. The salt should be stored physically,
> so you can recover it in the future.

I didn't really know, at first glance, what this project accomplishes besides
generating a random password, although looking through some of the screenshots
it looks like passwords are _always_ generated on-page instead of storing an
encrypted vault. A super cool idea, but I'd be curious what everyday use of it
would look like, and since I don't use Chrome I can't really test it myself.

~~~
viralpoetry
Hi, author here. You are right, the password is generated on the fly using
URL, unique seed and provided passphrase. The extension javascript is
sandboxed from the webpage, so it is not possible to obtain the inputs to the
PBKDFunction from the context of website.

I have coded this for myself and using it more than 2 years. The only problems
are with some dynamically created login forms, like new reddit login.

------
Sjoerd
Such a thing is typically called a deterministic password manager. One problem
with it is that you can't change the algorithm. If you want to change your
PBKDF2 from 1000 to 5000 iterations, then you can't login anymore on any of
the services where you used this tool to set the password.

See also this
[https://news.ycombinator.com/item?id=13016132](https://news.ycombinator.com/item?id=13016132)

------
modzu
i love this! does that mean i have alzheimers??

