
Ask HN: Does anyone use an alternative to a password manager? - BinaryIdiot
As time goes on I find myself, both in my professional and my personal life, adding more and more usernames and passwords I need to remember. I have over 100 accounts I need to keep track of and typically access at a whim.

Since it's insecure both to use the same password over and over and to modify a single password per service (e.g. appending "fb" or "tw" etc. to a password when using a different service), I have found that a password manager is literally the only thing working for me.

However, as break-ins become more and more frequent, I am concerned that my single point of failure, my password manager, could become compromised. I mean it seems almost inevitable, right? An attacker wouldn't even need to compromise the service or app you're using, but your phone instead, to gather the same data.

So I'm curious to those of you who use something other than a typical password manager: what do you use, and has it been successful or a pain?
======
ohthehugemanate
I am shocked to see a tech literate audience recommending a single algorithm
based password. This is pretty basic stuff. Minimize attack surface!

With a password manager, your attack surface is your email, and the password
to the manager. You can focus your efforts on securing those two things with
2fa, a hardware device, etc. Every other password can be extremely difficult,
and only grant access to an individual service.

Compare it to an algorithm, where your attack surface is "every service." If
one password is compromised, they all are. Then you have to change them all
manually, and remember what's been changed, when.

In an age of great open source options like bitwarden, Keepass, and unix pass,
there's no excuse for using an algorithm anymore.

~~~
alangpierce
> If one password is compromised, they all are.

The point of an algorithm as opposed to a single shared password is that this
isn't true. With a basic algorithm, you can avoid automated attacks based on
password dumps. With a more complex algorithm, even a determined attacker
targeting you would have a really hard time figuring it out. Regardless, it
probably would need to be a few passwords, not just one. Also, any good web
service will implement rate limiting and other protective measures, so brute
force attacks are unlikely to work.

The counterargument to "minimize attack surface" is "avoid single points of
failure", and that includes both attacks and accidentally losing access to all
of your passwords. What if I drop my phone and/or laptop in a lake? What if I
forget my master password somehow? What if someone installs a keylogger and
gets my master password? What if I accidentally install a malware version of
the password manager client that steals my password?

Not that I necessarily think that an algorithm is better overall than a
password manager, but I think it's not as obvious a decision as you're
claiming.

~~~
bradknowles
The keylogger risk is an issue for both password managers as well as those who
generate passwords based on an algorithm applied to a single master password.

------
nullterminator
I use Linux, Windows, and Android. I decided on Pass [1] and it's been working
really well for me. I have a dedicated PGP key that encrypts all my passwords,
and they're stored on my own git server.

On Linux I use the pass command, on Windows I use QtPass [2], and on Android I
use Password Store [3] and OpenKeychain [4] (for the PGP key).

My "master password" is the password for the PGP key, and I type it each time
I want a password. Git keeps everything in sync. If one of my devices is
compromised, you still need the password for the PGP key. If my git server is
compromised, you'd need the PGP key (which isn't on the server).

[1]: [https://www.passwordstore.org/](https://www.passwordstore.org/)

[2]: [https://qtpass.org/](https://qtpass.org/)

[3]: [https://github.com/zeapo/Android-Password-Store](https://github.com/zeapo/Android-Password-Store)

[4]: [https://www.openkeychain.org/](https://www.openkeychain.org/)

~~~
beojan
Why use a PGP key instead of symmetric encryption (either with a random key
encrypted with your master password, or a key derived from your master
password)?

~~~
proaralyst
Insertion/generation don't prompt you for your password.

------
Waterluvian
I use an algorithm. In short:

1\. Memorize some base password.

2\. Memorize a way in which you mutate that password based on the name/type/other of the service you're logging in to.

E.g. Hunter2 becomes eHunterG8, because my example algorithm cares about
Google's first letter, length, and service type: email.

It allows every password to be different but you only memorize two things. It
is meant to be a "good enough" solution that is much better than using the
same password for everything, but naturally is worse than using significantly
different passwords.

I've used this for a few years to great success. The one issue I have is I
sometimes have to try multiple times when one account is many types of
services.

~~~
rockostrich
Doesn't this compromise all of your passwords if one of your passwords is
discovered? Sure, it would take a bit of thinking to realize what each part
refers to and even realize that your password has some sort of generation
algorithm, but it would be a bit more secure to hash that password in some
way.

That's why I like using LessPass (even though people talk a bit of shit about
it whenever it's mentioned on HackerNews). I have a single master password,
the rest of my passwords aren't compromised if I accidentally expose one of
them, and I can log in to any site from any device with a browser. Of course,
use 2FA when you can, but it's nice to have a secure first layer of defense.

~~~
SeanLockItUp
> Doesn't this compromise all of your passwords if one of your passwords is
> discovered?

I've been trying to understand password managers for a while. My workplace
forces us to use one.

But what you've said doesn't make sense. If your "master password" used in the
password manager is discovered, then _all_ your passwords are compromised.

If my laptop or phone gets stolen and someone knows the password from my
password manager, then I'm done for.

I choose to follow the algorithm approach too. Even though it's BS.

~~~
oneeyedpigeon
Yes, but that master password should a) be incredibly secure (mine is longer
than 32 characters) b) only be used for your password manager and nothing
else. If, instead, you reuse a password in several places, you're only as
secure as the weakest link in that chain.

------
NoGravitas
I'm a bit surprised at all of the people suggesting "remember one password,
and mutate it with an algorithm based on the website name". That means that if
you have to invalidate one password for any reason, you have to change all of
them. On every service that you use. Do people really do this?

~~~
chrisper
Yes. There are some passwords that I have to remember since putting them into
a password manager is not possible.

~~~
Willamin
In what situation would putting them in a password manager be impossible?

~~~
chrisper
You need to somehow have access to the backup of your database (in my case
KeePass) in case you lose it. If you put the password of the access itself in
the manager you are in a deadlock. It is much easier to end up in a deadlock
situation like this than one might think. So carefully play through restoring
your backups in the worst case scenario.

In my case, I am using Google Drive as my Backup Storage. If I were to put my
Gmail Password in the manager I'd be locked out in the worst case and would
not have access to my backup.

------
QuadmasterXLII
You most likely already have another single point of failure: the email
account that you use for "forgot your password" resets. So, I make that the
only point of failure by choosing long, secure passwords and not really trying
to remember them, resetting the password every time I need to log in to a
rarely used account.

------
tga
* descriptive, long passphrases, that I usually have no trouble remembering. e.g. Facebook could be "I talk to my friends".

* salt to make stupid password rules happy and to make it somewhat safe to write down passwords. e.g. "mysecretsalt42$". This gets appended to all passwords and doesn't get written down anywhere.

* encrypted text file, used rarely when I forget a password. e.g. `vim -x socialmedia.txt`. I find this a bit better than Keepass or pass because it's not one obvious attack target (both the file and app).

* optionally, a paper backup

~~~
kqr
I might adopt this strategy. I really like most aspects of it.

~~~
sigsergv
If you use service from time to time (or have to login rarely, facebook, for
example) then be careful, you'll forget that passphrase.

------
danicgross
We really need passchange.js: an open source collection of headless JS scripts
that can programmatically change your password on a given website. Then you
would continuously rotate _all_ your managed passwords as well as your master.

Not a panacea, but significantly minimizes the length of a theoretical breach.

~~~
scoates
I have been working on-and-(mostly-)off on something like this for a while:
[https://github.com/scoates/celobox](https://github.com/scoates/celobox)

Wish I had more time to spend on it.

~~~
madjam002
This is a fantastic idea, just a simple config file which describes how to
change a password for a site, which different programs can then interpret
differently.

~~~
scoates
Thanks. Yeah; that's the idea for bootstrapping. At some point, I'd love it if
sites themselves published APIs or at least manifests (similar to /robots.txt
or favicon or a URL in a HTTP header, etc.) of how to programmatically change
passwords.

A real problem I ran into is that a full browser is required for many
operations, now. Instagram.com, for example, is completely opaque to non-
DOM+JS browsers. Right down to the shamefully empty `<noscript>` block.

------
aaraujo
I used a small script to generate my passwords: I choose a simple password, I
append the domain and I hash the string. I take the first 15 characters of the
hash as a password. I find it quite convenient and easy to remember!

sha256("password"+domain)

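The derivation described above, written out as an added example (not the commenter's script), with a variant beside it that swaps the single SHA-256 for scrypt so that each offline guess at the master password costs real memory and time. The master secret and domains are placeholders constructed for the example:

```python
import base64
import hashlib
import time

# Placeholder master secret and site list, constructed for this example only.
MASTER = "correct horse battery staple"
DOMAINS = ["news.ycombinator.com", "example.com", "bank.example"]


def derive_fast(master: str, domain: str, length: int = 15) -> str:
    """The scheme from the comment: one unsalted SHA-256 over master + domain,
    truncated to the first `length` hex characters (15 hex chars = 60 bits)."""
    digest = hashlib.sha256((master + domain).encode("utf-8")).hexdigest()
    return digest[:length]


def derive_slow(master: str, domain: str, length: int = 15) -> str:
    """Same idea with a memory-hard KDF from the standard library. The domain is
    the salt, so every site still gets a unique password, but each evaluation
    now needs about 16 MiB of RAM and tens of milliseconds instead of
    microseconds, which is what limits guessing if one site's password leaks."""
    raw = hashlib.scrypt(master.encode("utf-8"), salt=domain.encode("utf-8"),
                         n=2**14, r=8, p=1, dklen=32)
    # urlsafe base64 keeps the output to letters, digits, '-' and '_'.
    return base64.urlsafe_b64encode(raw).decode("ascii")[:length]


def with_policy(password: str, require_symbol: bool = False) -> str:
    """Deterministic handling of the 'site demands a special character' case
    that the replies discuss, instead of a per-site exception to remember."""
    return password + "!" if require_symbol else password


def evaluations_per_second(fn, master: str, domain: str, seconds: float = 0.2) -> float:
    """Cost of one evaluation on this machine, i.e. how many candidate master
    passwords one core could check per second under each scheme."""
    count, start = 0, time.perf_counter()
    while time.perf_counter() - start < seconds:
        fn(master, domain)
        count += 1
    return count / (time.perf_counter() - start)


if __name__ == "__main__":
    for domain in DOMAINS:
        print(f"{domain:22} fast={derive_fast(MASTER, domain)} "
              f"slow={derive_slow(MASTER, domain)}")
    print("sha256 scheme, evaluations/s:",
          round(evaluations_per_second(derive_fast, MASTER, "example.com")))
    print("scrypt scheme, evaluations/s:",
          round(evaluations_per_second(derive_slow, MASTER, "example.com")))
```

The two throughput numbers are the whole argument: the per-site output is equally unique either way, but the second scheme makes every guess at the shared master password several orders of magnitude more expensive.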
~~~
TheHCA
This seems like one of the simpler solutions on here, what's your process of
dealing with sites that require special characters etc?

~~~
aaraujo
I add a special character at the end when it's needed.

~~~
drdaeman
This works, but doesn't scale.

The problem is, the login form doesn't remind that a) a special character was
required and b) what characters that particular site thinks are "special".

~~~
barrkel
FWIW, it's really rare for a mixed-case alphanumeric password to be rejected.
Typically it's only banks and corporate logins. Those are sufficiently
special-case to make an exception.

~~~
barrkel
Downvoted! :) Amusing for actual lived experience to be denied!

(Data: I have 72 logins currently cached in Firefox. Every single one of those
sites accepts 10-character mixed case alphanumeric passwords with no extra
special character requirements. About once a year I come across a site that
needs one.)

~~~
drdaeman
I've checked my password manager and I think your stats roughly match what I
see - about 1 in 100 sites seem to have smartass requirements to passwords,
others (correctly) don't care.

Still, I'd say it's inconvenient to have "special cases" to remember about.
Even if they're something important, like banking.

---

Someone had mistaken downvote with "I disagree" rather than "unhelpful".
Upvoted you, as I think your comment was helpful and contributed to the
discussion.

But this is going off-topic (and discussing votes is something we should
refrain from)

------
smt88
Use KeePass. It's FOSS, has a great extension for FF, and stores your
passwords in a local, encrypted file. No cloud necessary.

~~~
walkingolof
I use Keepass also, more specifically
[https://www.keepassx.org](https://www.keepassx.org)

~~~
yorwba
Why not KeePassXC? [https://keepassxc.org/docs#faq-
keepassx](https://keepassxc.org/docs#faq-keepassx)

------
sciencerobot
I use [https://www.passwordstore.org/](https://www.passwordstore.org/).

~~~
slice-beans
I also use pass and sync it with my android phone using OpenKeychain to manage
GPG keys and PasswordStore as the actual password browser. Copy/pasting
randomised passwords on both desktop and mobile is easy once these are set up.

------
encima
I use a simple 'cipher' that makes new passwords easy to remember and remains
relatively secure without the need of a book/service.

I have a file of the first word that comes to mind for every letter in the
alphabet. Then my password is created based on some features of the site.

I.e. eBay has 4 letters so I could choose: 'Elephant_4_Yankee'

The delimiter is up to you and you could just as easily choose every second
letter or whatever.

Yes, it does mean my Netflix password is a bitch to put in but I know it off
by heart.

~~~
codeful
Second this. The domain should generate the cipher for a password. You get a
unique password for every website and you don't have to remember it.

~~~
bdhess
If I’m understanding your suggestion correctly, it contains an attack vector
where Provider B can obtain your password for Provider A by getting you to
sign up for a new account and presenting the same “cipher” as Provider A.

------
zimbatm
"Just use a password manager" is actually a simplification for doing proper
threat modelling because most people don't bother thinking about it.

For each site you have to consider: what is the worst thing that could happen
if somebody gains access to that account? Do you have a meaningful online
presence on the website? Did you enter private information that you don't want
to go out? Did you provide your credit card to the site? It would actually be
useful if sites were classified by the type of information and access that
they require.

Another short answer would be: memorize your computer, email and password-
manager passwords. Use the password manager for day-to-day sites. Add a second
factor for juicy targets like net banking. For all the other sites, generate a
random string and throw it away. Use password reset the next time you want to
log into it.

------
BareNakedCoder
I use [https://securemypw.appspot.com](https://securemypw.appspot.com)
(because I wrote it).

I need to remember just 1 good password (that I don't use anywhere else). I
use it to encrypt different passwords for different uses (gmail, banking,
etc). I put the url with the encrypted password in my bookmarks and a google doc
(to share with my wife).

To hack me, the attacker would need to get the link (from my laptop's
bookmarks or from the google doc) ... and then would need to guess the
password to decrypt it.

------
doltreey
I know it doesn't answer the question, but it does hit at the heart of the
issue. I use Enpass - the only password manager I could find that doesn't
store your info for you--because I was also concerned about break-ins and
single points of failure. I am able to keep my entire password collection on
my local hard drive and in whatever online storage tools I'm using currently
(onedrive, google drive, etc). This seems to fit well while removing the issue
with online password managers.

------
wonder_er
I'm surprised at how little advocacy there is for 1password.

Yes, it's a single point of failure (probably more, depending on how you
choose to define them) but it is _invariably more secure than me remembering
my super-nifty password algorithm_.

It's not perfect, but I trivially generate very long passwords for every
service, and have to remember the master password only of my email and my
1password account.

If anything is truly important, it will have 2 factor authentication.

If someone has access to my unlocked physical machine and an unlocked
1password UI, I'm screwed. Additionally, they could use the wrench approach
[0] to gain my credentials.

This is not a use-case I'm actively trying to prevent. Nor is protection
against state-level actors targeting me in particular.

Further benefit of 1password: my wife and I both use certain shared logins to
access things like credit card accounts.

Instead of me having to get her on board with my password book, or special
algorithm, I can just move a login into our shared password vault.

I suspect most people reading this are in a similar boat - we're more than
happy to pay a few dollars to hire millions of dollars of specialized security
knowledge to outsource this problem for us.

This is just too mundane a solution for most people to comment on.

Long live 1Password!

[0] [https://xkcd.com/538/](https://xkcd.com/538/)

~~~
SnowingXIV
I switched to this after being a long time lastpass user, and I'm regretting it.
It's visually a lot better but it is terrible at generating passwords and
saving them. On both windows and mac with chrome I click the 1pass icon and
click generate (nothing happens). If something happens it shows up as a new
entry if I go into the vault with no site or anything just a random string
that I then maybe copy paste? (ugh). There also is nothing that pops up that
lets me alter the specifications for the randomly generated password. Lastpass
did an amazing job of this, 1password just seems broken all over the place.

When I did the export/import it ruined tons of passwords because if it had an
ampersand symbol (&) it turned it into &amp; resulting in me editing tons of
passwords manually. It sucks at saving passwords too, lastpass just worked.

Plus no check on password integrity or strength or leaks. It was nice to do a
scan and check on what passwords should be updated, what my duplicates are (if
any), mass update, etc. So, basically I went from free but kinda ugly to
pretty but broken and more $. This has been the worst trade deal in the
history of trade deals, maybe ever.

YMMV but I wish I didn't switch and to move back would be another annoyance
that I might do if I didn't just pay for the year.

~~~
wonder_er
Hm. I just checked on both of these comments, and it seems 1password manages
both quite well.

re: password generation in-browser - this is working just fine for me. [0]

And re: pw integrity or strength - this might not be everything you're looking
for, but it's close.

under a 'Security Audit' tab, it has categories for:

\- Watchtower (logins associated w/sites that are known vulnerable/exploited)

\- Weak Passwords

\- Duplicates

\- 3+ year old PWs

\- 1-3 year old pws

\- 6-12 month old pws.

I'm not trying to be a 1password apologist, but I find it to cover my day-to-
day use _very_ well. To be sure, I still tweak things in the UI at times. It
doesn't capture login URLs perfectly all the time. Etc. But it's pretty good.

[0] [https://cl.ly/07072T0e1P2C/Add_Comment___Hacker_News.jpg](https://cl.ly/07072T0e1P2C/Add_Comment___Hacker_News.jpg)

~~~
SnowingXIV
Wow, this is not at all what my screen looks like. Maybe it's the extension
itself that's lacking? [0]

I don't have any of these other options either. If I click on generate
password the box just goes away. Maybe I should scrap the extension and just
use the mac/windows application? I was reading a number of reports about not
syncing between these. If I have both on maybe it'll cause issues?

[0] [https://imgur.com/a/msydX](https://imgur.com/a/msydX)

~~~
wonder_er
whoa. Something is not right indeed.

I'd delete the extension and re-install from AgileBit's website, and make sure
the 1password app on mac is talking to the extension.

This is odd, but good luck! Obv. their support team would help square things
away way better than this random internet stranger could!

~~~
SnowingXIV
Thanks wonder_er! Apparently that did the trick. I'll give this a fair shake
now and maybe my harsh comments will be irrelevant soon. :)

------
cristoperb
I've used supergenpass[1] with some success, but the fact that some websites
have special requirements for passwords means that I still have to memorize
more than one password.

1: [https://chriszarate.github.io/supergenpass/](https://chriszarate.github.io/supergenpass/)

~~~
peyloride
The idea is awesome but i think it lacks usability on mobile.

~~~
barrkel
On Android, it's possibly more usable than on the desktop: you send a link to
the current page to the app, and it copies the resulting password to your
clipboard.

[https://play.google.com/store/apps/details?id=info.staticfre...](https://play.google.com/store/apps/details?id=info.staticfree.SuperGenPass&hl=en_GB)

I use SGP for the bulk of my throwaway accounts.

------
wakamoleguy
If you're worried about storing your passwords somewhere where they could be
compromised, one alternative is to simply not store them:

1\. Generate a long random password.

2\. Use that password once, but don't make any effort to store or remember it.

3\. When you need access to the service, use the Forgot Password flow. Return
to Step 1.

This is admittedly inconvenient, especially on mobile, and it won't work well
if you routinely use devices that cannot access your email. But...it is an
alternative approach that removes the need for a password manager.

In my personal experience, this approach has worked well for services I use
rarely, especially those with good Forgot Password flows or long remember-me
session times.

See also: Passwordless[0] is a Node library that discusses a similar approach
to authentication from the service's perspective.

[0] [https://passwordless.net](https://passwordless.net)

------
reacweb
I have a file on the local drive of my office computer and a sheet of paper
near my home computer (used by me and my wife). When the sheet of paper is
full of handwriting, I bring it to the office to synchronize both lists. When my
house was robbed last year they did not find the sheet, but if they
had, I could have changed all passwords very quickly. In case of fire, the
backup is safe in a remote location. It is easy to carry, duplicate or
destroy. The security at the office is ensured by the IT service. This may be
imperfect, but I think my list of passwords would not be the main target of an
attack. At home, my wife is often present and would quickly notice if a
burglar stole the list. When I go on holidays, I take the home list with me. I
think it is quite successful.

~~~
clort
> I think my list of passwords would not be the main target of an attack.

I used to have a little notebook with everything, tucked 'securely' out of the
way. I mean, even in a robbery somebody isn't going to rifle through some junk
on a shelf right? I came to think though, that in that situation of course a
list of passwords is not the target but if the robber has a small amount of
technical knowledge (getting more likely, these days) then the risk is that
they recognize the value of something like a book of passwords and just take
it along. All of a sudden, their technology aware friend has access to my bank
account!

So, I use Keepass now with a long passphrase, and syncthing keeps copies of
the database distributed across several devices in several locations for me
and I have access from all the various operating systems that I use. I am
thinking about giving the passphrase to a friend also, as I have known him for
30+ years but I do not work with him or live near him and see him only yearly
or less.

~~~
n4r9
Keepass-plus-syncthing is my weapon of choice also. Using your phone as one of
the devices gets around the whole "bring your sheet of paper to work day".

It would be great if someone added this feature into Keepass so that you
didn't have to use an additional tool. Each instance of a database would have
its own key and set of linked databases. When you open the database it would
sync with every one of its linked databases that is also open. This would
(hopefully?) get around the problem of adding new passwords to different
databases before syncing. I expect one issue might be that people tend to only
log into one instance of their database at a time.

------
tomelders
I use a formula that I can figure out in my head and I just remember that. I
don’t know any of my passwords, but I can figure out my password when I need
it.

It has problems on sites that have shitty password rules. But for those sites,
I just mash the keyboard then rely on the forgotten password link.

------
paulmd
If your PC is compromised it's pretty much game over; using a password manager
does not really worsen the damage in that scenario. At that level of compromise
they can probably add a root cert, MITM your connections, and grab your
passwords anyway.

If you're concerned, you could use separate files for different levels of
security, which would give you the theoretical ability to compartmentalize the
loss. But again, if you're compromised to that extent it's game over, there is
nothing you can do that will allow you to operate securely on untrusted
hardware/OS, you simply can't let that happen.

It's not like that's an unreasonable goal: the combination of Ublock Origin,
Windows Defender, and common sense has kept my systems clean for 10 years
now.

~~~
laurencei
The problem is if your computer is compromised - they might get a few sites
that you visit after the compromise (and before you realise/format etc).

But with a password manager - they get 100% of usernames + passwords to every
site you've ever used, even if you don't visit it after the compromise...

------
tarruda
An idea for a side project I had for some time: use a Raspberry Pi Zero
connected to the PC as a password manager. Explanation: RPi Zero supports OTG
and can emulate a USB keyboard (in other words, it can "type" your passwords for
you).

Never got too deep into this idea, but it shouldn't be extremely hard to
implement. Need to create some mechanism to allow the web browser to ask the
RPi for a password for a certain site, and use GPIO to connect an LED matrix
display (16x2) plus some input method to allow the user to physically confirm
the password request (possibly PIN entry or a simple yes/no button for
simplified usage).

~~~
rrebelo
Funny, I am doing something like that now, but using a smartphone with a
fingerprint reader, instead of a Pi, and sending the password through Bluetooth
(adding USB might be a good idea, though). My problem with the Pi is that it
is another bulky device to carry or lose, even the Pi Zero.

My implementation still has lots of security breaches and I don't want to
publish something so fragile. I still need to implement fingerprint and time-
based authentication. Therefore it still is vulnerable to MITM attacks.

As soon as I have something more robust I'll post it here.

Do you have more ideas to suggest?

~~~
h4waii
Since you're already using a phone for this, why not just use Keepass2Android
USB Plugin [0] which emulates a keyboard and "types" the password. Requires
Android, and probably a device with kernel modules for USB HID.

You won't have to worry about the security and integrity of your Bluetooth
connection and the risk of an external sniffer -- but you'll have to consider if
you trust the computer you're plugging it in to.

0\. [https://github.com/whs/K2AUSBKeyboard/](https://github.com/whs/K2AUSBKeyboard/)

~~~
rrebelo
I love and use KeePass on my PC, although not on Android. Will try it, thanks
for the tip.

However, a problem I have with KeePass is that I can't get my wife to use it.
It is too complicated for her. Even the idea of plugging the smartphone
through USB is already a "no" for her. With Bluetooth she might not even need
to take the phone out of her pocket.

------
natch
I have a couple scripts, 'add' and 'get', which respectively add or get an
entry associated with some keys to a text file.

An example line in the text file looks like this:

    facebook password: [base64:U2FsdGVkX1/T8CoWmfDOoaapE5lGj/fqHE3s8NohnriGajnPrCzWikCneU/u7]

Anyone thinking of trying to crack that, well, good luck. I removed and
twiddled a few characters from it, as if it wasn't hard enough already. Oh, but
here's how to decrypt if you really want to try:

    echo "$data" | openssl enc -d -aes-256-cbc -a -salt -pass env:MY_PASS

That's not a script, it's just an excerpt. You'll have to guess the password.
You should probably do something else with your time.

Since the text file is encrypted, I store it on Dropbox. Then I can access
this from any computer where I log into Dropbox, provided I know my main
password for decryption.

Later I can type 'get facebook pass' on the command line and the get script
will retrieve the best matching entry, decrypt the value, and put it in my
copy paste buffer ready to paste.

The biggest problem with this system is sometimes when two or more entries are
a close match to whatever keywords I input, it may pick the wrong match. I
need to improve it to show a list to pick from in those cases, or work on
better ways to remember the right keywords for each item. Also my matching
heuristics could be improved.

I use this in conjunction with a command line script for generating strong
passwords. Most accounts have different passwords at this point and they are
all strong. One problem with the script is I sometimes have to tweak the
resulting password by hand to match whatever (generally dumb) rules are in
place at a new site... when I say dumb, I mean for example, '!' not allowed,
etc.

For sharing web passwords with my phone, I just allow Safari to remember them
and then trust iCloud, for better or worse.

Overall this is not a pain, and pretty successful. But if someone got terminal
access in my account on my computer, it would be game over... so I try not to
allow that.

~~~
kqr
Why generate symbols that are not permitted anyway? You'd lose nothing by
emitting the base16 encoding of the symbol.

~~~
natch
Have you even used the internet much? Some sites do require symbols. And some
sites have ridiculous rules that your suggestion would also not help with.
Also, restricting yourself to the 16 characters in hex encoding makes your
passwords that much easier to guess.

~~~
kqr
> Also, restricting yourself to the 16 characters in hex encoding makes your
> passwords that much easier to guess.

No. Entropy does not change by adding redundant bits.

~~~
natch
The bits are not redundant. When you have a larger alphabet, you get more
possibilities for the same length of password. Sure you could also have a
password that consists only of 1 and 0, but then you would have an
unreasonably long password. Just as you would also have for a hex password, to
a lesser degree. To carry it to an extreme you could have your password
consist of just one character repeated a secret number of times, and yeah,
sure, in your little theory world the amount of entropy could still be the
same, but practically speaking it's a stupid idea, just like using hex
characters.

You really are confused about this stuff.

You also seem completely unaware that many sites have password rules that
require special characters that don't exist in your scheme... lol!

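The entropy dispute above, worked through as an added example (not code from either commenter): the same random bytes encoded as hex and as base64 carry identical guessing entropy, while for a fixed character count a larger alphabet does raise the ceiling, so the two comments are measuring different things. The `ALPHABET_SIZES` table and the 10-byte source are assumptions for the example:

```python
import base64
import math
import secrets

# Alphabet sizes assumed for the example: hex, base64 (padding stripped) and
# the 94 printable non-space ASCII characters a "symbol required" site allows.
ALPHABET_SIZES = {"hex": 16, "base64": 64, "printable": 94}


def capacity_bits(alphabet_size: int, length: int) -> float:
    """Upper bound on what a password of this length over this alphabet can
    carry: log2(alphabet_size ** length). This is natch's point: for the same
    length, a bigger alphabet gives a bigger search space."""
    return length * math.log2(alphabet_size)


def effective_bits(source_bytes: int, alphabet_size: int, length: int) -> float:
    """What an attacker who knows the generation scheme must actually search:
    never more than the random bits that went in, whatever encoding came out.
    This is kqr's point: re-encoding adds redundant bits, not entropy."""
    return min(8 * source_bytes, capacity_bits(alphabet_size, length))


def min_length_for(bits: float, alphabet_size: int) -> int:
    """Shortest password over the alphabet that can carry `bits` of entropy,
    i.e. the practical price of a small alphabet: a longer string to type."""
    return math.ceil(bits / math.log2(alphabet_size))


def encode(raw: bytes) -> dict:
    """The two encodings argued about, applied to the same random bytes."""
    return {
        "hex": raw.hex(),
        "base64": base64.b64encode(raw).decode("ascii").rstrip("="),
    }


if __name__ == "__main__":
    raw = secrets.token_bytes(10)  # 80 bits of entropy from the OS CSPRNG
    for name, pw in encode(raw).items():
        n = ALPHABET_SIZES[name]
        print(f"{name:7} {pw:22} len={len(pw):2} "
              f"capacity={capacity_bits(n, len(pw)):5.1f} bits  "
              f"effective={effective_bits(10, n, len(pw)):5.1f} bits")
    for name, n in ALPHABET_SIZES.items():
        print(f"{name:9}: {min_length_for(80, n):2} characters needed for 80 bits")
```

Running it shows the 20-character hex string and the 14-character base64 string both bottoming out at 80 effective bits; the hex version is only longer, not weaker.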
------
larsen161-2
Remember that your email is part of your password. When sites are compromised
your email is never encrypted and when you use the same email across every
site a hacker now has part one of your login. For those unlucky to use the
same password across many sites, once the password is obtained it can now be
used at other sites. If you have a unique email (login) to every site then
using the same password becomes less of an issue as the hacker now only knows
1 part of the authentication values. Still best to use different passwords
though.

------
JohnStrange
I agree that browser-based password managers and password managers on Android
are insecure. These platforms have huge attack surfaces.

I'm using _ForgotIt?_ [1] because I'm its author. It doesn't have a browser
interface and doesn't have a mobile version. I would make a version for iOS if
I used an iPhone, but I have never planned to make an Android version, because
Android devices are just too insecure. (They are theoretically secure but in
practice most of them don't get enough security updates.)

That being said, _ForgotIt?_ also has some weaknesses that are laid out in its
documentation. It doesn't lock memory, so you should use encrypted swap or
disable it, and its key-stretching algorithm compromises a higher security
margin for speed.

Depending on your threat scenario you can also keep some of your passwords
written on paper in your wallet. You could also keep them in a physically
secured place like a wall safe. If you're worried about targeted attacks,
that's in fact the best choice for most people, since no current operating
system, no PC, no tablet, and certainly no phone is currently safe from a
targeted attack by a dedicated adversary.

[1] [http://peppermind.com](http://peppermind.com)

------
typetehcodez
Pen and paper. I keep a small notebook wedged under my desk and a back-up in a
fire safe.

------
jazmit
A system I've used happily for many years is as follows:

I have a function which is easily computable by hand but uses information only
known to myself, which converts the website into a pseudo-random password.

Obviously I can't tell you the actual function I use as this would reveal all
my passwords, but for example, you could use ROT13 on odd numbered characters
in the domain name and then add a fixed string to make up the password length.

I still use the browser password store with non-critical websites for speed,
but can still get into any site where I have an account from any machine by
re-calculating the password in my head.

Of course, this isn't secure enough if you're someone who might be
individually targeted by hackers (eg: if you work at a large company or in
government) - if they obtained a few of your passwords, they could reverse
engineer your password function and get into the rest of your accounts. You
can mitigate this by separating the sites you use into different 'security
clearance' levels (eg: those with access to your money, those with access to
your personal info, etc) and having different password functions for each
level.

------
paule89
I am at the moment also trying out password managers and searching for the
best one. Lastpass so far has the best features, great password generation.
But on Android it lacks a good and decent integration in finding and selecting
the correct password for an app. Seriously bad. 1Password is better in this
regard, but you can not swipe the 1password "click here to fill out with
1password" away. So that's also definitely a dealbreaker. But 1password is great at
only showing the correct password for your app, after selecting it once.

Regarding the user interface don't get me started on keepass. It was recently
forked into keepassxc but the chromeipass/ foxipass integration does not work
all the time. Also love it if a website just shows your username already and
you have to fill out the password and can't use hotkeys. (I am looking at you
google) Lastpass can do it successfully, but keepass...

The Android interface was last tested a few years ago by me and it only had a
notification area you had to always show. I don't know if it is much better at
the moment.

Regarding your password security: Lastpass itself encrypts your passwords and
hashes them a thousand times. You can also manually adjust the hashrate to even
more. So even if Lastpass were to get cracked, you would have to try out every
possible hashing number with every possible password combination. So that's a
plus. Well, compromising your PC and installing root would be your least
concern. It would be easier to steal your phone, get your fingerprint and
unlock your database this way.

You can never be 100% secure. But you have to choose your best way of doing it.

Also I am open to suggestions regarding a great password manager for Android.
Will have to try out keepass and dashlane again.

~~~
Outpox
I would suggest Bitwarden[0]. I used Lastpass (premium) for 3 years but when I
switched from Chrome to Firefox Nightly a few months ago I learnt that
Lastpass didn't have a web-extension for Firefox (it was the old extension
which wasn't compatible anymore). I waited a few months hoping they would
release it quickly since there's very little difference between a Chrome and
Firefox extension but nope. So I canceled my plan, exported my data to
Bitwarden and went with it instead. I haven't been disappointed.

[0] [https://bitwarden.com/](https://bitwarden.com/)

~~~
bribroder
There is a lastpass extension, including the binary version, for firefox:

LastPass Firefox Toolbar Version: 4.2.3 Built: Mon Dec 04 2017 13:51:36
GMT-0500 (EST)

Binary Component: true (Native Messaging version 4.1.44, built Nov 16 2017
23:33:27)

Is it broken upstream in the nightly build, but not in the stable build?

------
TechWizard
I used an algorithm previously, which was a hassle at times and probably not
as secure as I was telling myself. This was until I joined Bluink and
discovered Bluink Key.

Bluink Key is a secure (nontypical) password manager that encrypts your
passwords locally on your smartphone and automates logins on your computer via
a Bluink Key USB device. Nothing is ever stored in the cloud.

Bluink Key is impractical for attackers to target because they need physical
access to your phone, they need to know your phone's PIN, and they need to
know your master password to Bluink Key. This is very difficult to pull off
assuming you usually have your phone with you and have a decent PIN/master
password.

Bluink Key is also relatively unprofitable for attackers to target because a
successful attack would only yield passwords from one individual, whereas a
successful attack on a traditional, cloud-based password manager would yield
passwords from millions of users.

Bluink Key is a two-factor authenticator as well (FIDO U2F and OTP).

Here's the website if you're interested:
[https://bluink.ca/key](https://bluink.ca/key)

------
wyqydsyq
Don't store your passwords anywhere, have them be determined by generating a
unique password based on the service name and a master password with an added
salt, this is similar to other proposed algorithm methods except more secure
because your unique salt is used in addition to your master password, so even
if someone guessed/learned your master password (e.g. social engineering) they
would not be able to generate the same result passwords for services without
your unique salt that's only located on your device(s) which should
(hopefully) be physically secure.

This way you only need to remember one password (master) to re-generate your
password for any given service, and nobody can replicate the resulting service
passwords without knowing BOTH your master password and your salt.

I wrote a proof of concept a few years ago, it's pretty outdated and
generating word phrases would be better than just hashes, but it conveys the
idea: [https://github.com/wyqydsyq/ysnp](https://github.com/wyqydsyq/ysnp)

------
jones1618
As someone else did (deep in a comment thread), I'd recommend MemPa, an
algorithmic password generator that uses one master password plus the site and
your username to generate (or recover) your password.

Using MemPa (which is basically one line of JavaScript), your passwords are
always hard to crack, retrievable with one password and yet never stored
anywhere so there's no tempting honeypot for hackers to target.

The original article is here: [https://hackernoon.com/mempa-a-modern-
deterministic-password...](https://hackernoon.com/mempa-a-modern-
deterministic-password-manager-2c0f28fa108b) (There are links to iOS and
Android MemPa apps, too.)

I've also wrapped the algorithm in a single-page web app that you can copy to
your own site or thumbdrive to make using the MemPa algorithm easier.
[https://codepen.io/jones1618/full/eeqBNG/](https://codepen.io/jones1618/full/eeqBNG/)

------
nijaru
I'd suggest this.

[http://ssl.masterpasswordapp.com/](http://ssl.masterpasswordapp.com/)

~~~
ccakes
I thought this was a great idea to the point where I put together a Chrome
extension to try it out a few years ago.

In theory it's solid but in practice, websites with arbitrary (and foolish)
password requirements mean your generated pass is likely not to be accepted.
You can add fields for tuning the presence of non-alpha and capitalised
characters but then that needs syncing and at that point - the benefits aren't
really there.

------
ecesena
I think I share your same concerns: I don't want to rely on any single
application for my entire security (and some passwords are my entire
security).

I recently blogged about the algo I use [1], it's a simple deterministic
base64(sha256(.)), which is easy to remember and apply everywhere.

The post was pretty successful compared to my usual views/comments, and with a
group of friends (all former researchers in security) we started building
MemPa [2], which we just released for iOS/Android.

[1] [https://hackernoon.com/how-i-manage-my-passwords-
technical-v...](https://hackernoon.com/how-i-manage-my-passwords-technical-
version-8549dc1bde1e)

[2] [https://hackernoon.com/mempa-a-modern-deterministic-
password...](https://hackernoon.com/mempa-a-modern-deterministic-password-
manager-2c0f28fa108b)

~~~
kentbrew
What do you do for situations where a service has force-expired your password?

~~~
ecesena
In my personal case I have no such passwords.

This said, you can use the counter. The counter isn't necessarily an incremental
int; you can also, for example, use yymm if you want to "auto renew" your
password every month.

So far we haven't implemented anything in MemPa, but we were discussing this
last option. Would be great to hear what you think.
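
As an added example (not code from ysnp, MemPa or any other tool named in this thread), the scheme wyqydsyq and ecesena describe above: master password plus a device-local salt plus site name plus counter, derived with scrypt rather than a bare SHA-256, and mapped onto a simple character-class policy so that sites demanding symbols or forbidding them can both be served. The scrypt cost, the symbol set and all sample inputs are this example's own assumptions.

```python
"""Deterministic per-site passwords: master password + device-local salt
+ site + counter -> password, with no stored vault.

Added example; the scrypt parameters, the symbol set and every sample
input are assumptions chosen for this illustration.
"""
import hashlib
import hmac
import math
import string

# scrypt cost: 128 * r * N bytes = 16 MiB and tens of milliseconds per call (assumption)
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1

LOWER, UPPER, DIGITS = string.ascii_lowercase, string.ascii_uppercase, string.digits
SYMBOLS = "!#%+-?@"   # small symbol set that most password policies accept (assumption)


def encode_fields(*fields: str) -> bytes:
    """Length-prefix every field so ("ab", "c") and ("a", "bc") never collide."""
    return b"".join(f"{len(f)}:{f}".encode() for f in fields)


def derive_site_key(master: str, device_salt: str, site: str, counter: str) -> bytes:
    """One memory-hard scrypt call per site.

    The device salt never leaves the user's devices, so a leaked master
    password alone does not reproduce any site password.  Site and counter
    are bound into the scrypt salt, so one site's key says nothing about
    another's, and bumping the counter yields an unrelated password.
    """
    salt = encode_fields(device_salt, site.lower(), counter)
    return hashlib.scrypt(master.encode(), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=64)


def to_alphabet(material: bytes, alphabet: str, length: int) -> str:
    """Write a uniformly random integer out as base-len(alphabet) digits."""
    value = int.from_bytes(material, "big")
    chars = []
    for _ in range(length):
        value, idx = divmod(value, len(alphabet))
        chars.append(alphabet[idx])
    return "".join(chars)


def site_password(master: str, device_salt: str, site: str, counter: str = "1",
                  length: int = 16, symbols: str = SYMBOLS) -> str:
    """Deterministic password with at least one lower, upper and digit, plus a
    symbol when the policy allows them.  Pass symbols="" for sites that forbid them.

    The scrypt key is expanded with HMAC-SHA256 in counter mode; candidates that
    miss a class are skipped deterministically, so identical inputs always give
    the identical password without another slow scrypt call.
    """
    classes = [LOWER, UPPER, DIGITS] + ([symbols] if symbols else [])
    if length < len(classes):
        raise ValueError("length too short to contain every required class")
    alphabet = "".join(classes)
    # 64 spare bits keep the base conversion's bias negligible
    nbytes = math.ceil(length * math.log2(len(alphabet)) / 8) + 8
    blocks = math.ceil(nbytes / 32)
    key = derive_site_key(master, device_salt, site, counter)
    for attempt in range(256):
        material = b"".join(
            hmac.new(key, bytes([attempt, block]), hashlib.sha256).digest()
            for block in range(blocks))
        candidate = to_alphabet(material, alphabet, length)
        if all(any(c in cls for c in candidate) for cls in classes):
            return candidate
    raise RuntimeError("no policy-conforming candidate in 256 attempts")


if __name__ == "__main__":
    import datetime
    # "yymm" counter, so the derived password changes every month
    yymm = datetime.date.today().strftime("%y%m")
    # constructed sample inputs; the salt would live in a file on your own devices
    print(site_password("correct horse battery staple", "f3b1-device-salt",
                        "example.com", yymm))
```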

------
phillysnoodle
I use a script that generates passwords based on a master password and a "site
tag" (originally used for web based logins, but the site tag can be any word
really, eg "somepieceofsoftwareyouuse").

You can find a web version here:
[https://milliways.cryptomilk.org/passhash.html](https://milliways.cryptomilk.org/passhash.html)
You can save the page locally (it's only a piece of javascript), or extract
the functionality to build your own command line tool with nodejs from it,
like I did.

(not my code, and I shamelessly grabbed the pieces from the js code for my own
fork of it)

This way I have a new password for every use case but only need to remember
one master password, which should be pretty hard to reverse engineer. I hope.

------
roryisok
This might sound like I'm trolling (honestly not) or trying to seem superior
(Again, really not), but I try to simply _use long passwords and memorize
them_. I'm fighting back against what I perceive to be the erosion of memory
by my increasing dependence on modern technology. We don't need to remember
stuff anymore, we just use this algorithm or that password manager. In the
past I've used keepass, and I keep that as a backup for rarely used things,
but increasingly I just try to memorise long passwords or pass-phrases for the
key services that I use every day. My credentials for google, paypal, amazon,
github, dropbox, onedrive, online banking and more are all just memorized
rather than stored.

------
ricardobeat
I have a folder with encrypted text files containing a password for each
service. It is available locally and backed up to the cloud (with another
layer of encryption). The key is in my head, no backup.

A script lists all files through fzf[1] which lets me find and select the
right one very quickly, then copy to clipboard (expires after a few s). On a
laptop the whole process of switching to terminal and grabbing a password
takes a couple seconds, slightly longer on an ipad due to app switching.

Downside: no access via mobile (though I could have).

[1] [https://github.com/junegunn/fzf/](https://github.com/junegunn/fzf/)

~~~
dahx4Eev
Which encryption do you use?

~~~
ricardobeat
AES256 using the system’s `OpenSSL`. I’d like to move to a self-contained
executable with a more modern cipher but am wary of introducing too many home-
brewed parts.

------
sixhobbits
Always going to be a security/convenience tradeoff to some extent. If you
expect to be targeted by The Baddies (tm), you want to trade off convenience
for security. Spend some time every day memorizing long random strings and
hope you never get hacked using the Wrench method[0].

If you're not expecting to be specifically targeted, then "modify a single
password per service" can be surprisingly secure. Don't just add "tw" "fb",
but memorize a more complicated algorithm that's not obvious from inspecting
two or three leaked passwords. e.g. Basic Caesar Cipher on the odd characters
of the passwords using some part of the service name (fb, tw) as a key.
Memorize a single algorithm that you can do mentally. Use something completely
different for primary accounts (probably bank + main email that allows you to
reset other accounts' passwords).

Some people will disagree and say "just use a secure password manager", but
there is a valid argument that managers are not necessarily the best solution,
depending on your use case.

[0] [https://xkcd.com/538/](https://xkcd.com/538/)

~~~
blowski
> there is a valid argument that managers are not necessarily the best
> solution

What is that argument?

~~~
sixhobbits
"Depending on your use case" - e.g. you use many devices, need your passwords
on all of them, and don't trust any of the current password managers to do
their job (which is valid due to the many breaches and vulns).

~~~
blowski
Is the reality that your home-grown solution is genuinely going to be more
secure than one of those current password managers? I doubt it.

However, I agree that for some people existing password managers seem either
too complicated (KeePass) or expensive (1Password). In that case, I recommend:

1. Generate a password randomly using a 'diceware' type methodology

2. Use a standard prefix in front of all your passwords.

3. Write the password _without_ the prefix in a notebook that you carry
everywhere.

It's still not as good as 1Password because the passwords are not encrypted.
But it's better than using a predictable algorithm that you have to remember.
And of course, it's better than the system this often replaces - using the
same 8 character password everywhere.

But I still strongly recommend paying for 1Password. How much do you pay for a
padlock for your bike, or a burglar alarm for your house?

~~~
sixhobbits
I never claimed it was more secure than a password manager. Just
'surprisingly' secure. You get something easy to remember with a lot of
entropy that's difficult even for someone targeting you to exploit and which
mitigates against the more common attack of cracking passwords en-masse from a
leak and retrying them.

Yes, it has its own attack vectors, but they don't include things like ads
stealing your info from your password manager [0] and apps stealing your
passwords from your clipboard [1], both of which are legitimate reasons why
you might want an alternative to a password manager.

"home-grown solution" has very negative connotations in infosec and rightfully
so. I don't like seeing it in these kinds of contexts as it blurs an important
distinction between "Don't write your own random number generator if you're
creating an app like Signal" (don't do it) vs "Find a solution to deal with
something as shitty as passwords in a way that works for you" (do it).

Your recommended method might also suit some people better (e.g. people who
already carry a notebook around everywhere and guard it carefully).

There are no silver bullets out there. Work out what your needs are and then
find a reasonable solution. It might be a password manager. It might not be.

[0] [https://www.theverge.com/2017/12/30/16829804/browser-
passwor...](https://www.theverge.com/2017/12/30/16829804/browser-password-
manager-adthink-princeton-research)

[1] [https://arstechnica.com/information-
technology/2014/11/using...](https://arstechnica.com/information-
technology/2014/11/using-a-password-manager-on-android-it-may-be-wide-open-to-
sniffing-attacks/)

------
tboyd47
I am working towards a two-tiered system. First tier is kept on a physical
PasswordCard and muscle memory, and cycled annually. This is for the sensitive
passwords. Second tier is handled entirely with a password manager. The
password manager generates, stores, and fills them in for me. These are not
sensitive and cycled/recycled as needed. I still have this nebulous "third
tier" of leftover passwords that haven't migrated to the new system, where I
basically use variations of the same two semi-secure passwords. I hope to
eventually get rid of this tier.

------
romdev
Please consider the prevalence of high resolution cameras when using paper or
even a clear-text document for password storage. A page from your list could
be exposed to a security camera, compromised IoT device, or the sneaky person
behind you with a cell phone, and you would be unlikely to know it happened.

And if you use a password manager, please store your master password in a
well-sealed envelope in a safe place for your loved ones to open in a worst-
case scenario. All your passwords may be compromised if it's stolen, but at
least you would know it happened and can change them.

------
gits1225
I use [https://www.grc.com/passwords.htm](https://www.grc.com/passwords.htm)
to generate passwords and save the passwords in a text file stored in a
pendrive.

------
madjam002
For me, [https://www.passwordstore.org/](https://www.passwordstore.org/) and a
Yubikey is the best setup I've tried.

It's quite a lot of work to set it up though.

~~~
DerfNet
So, how does this work on a smart device? Do you plug the Yubikey into an OTG,
or do you just not access anything on your phone?

~~~
thinkMOAR
Typically you can load the key (from the Yubikey) into Google Authenticator too
on your phone.

------
mobilemidget
I believe putting all your eggs in a single basket isn't typically regarded as
the most safe approach.

Though typically your machine gets compromised, and then it doesn't really
matter if you type something from memory or copy-paste it from a password
manager; you are screwed. A proper way to restore your access that only you can
do seems more safe. A password or login can be compromised, but as long as you
have a way to regain (sole) access to your account, I think that is more
valuable.

------
jlgaddis
LastPass users: note that "lastpass-cli" [0], a utility for managing your
LastPass database entries from a terminal, exists and is (for me, at least)
very handy when doing anything outside of a web browser.

Create a few aliases in your shell and you have a very convenient, easy-to-use
(for the HN crowd, anyways) tool.

[0]: [https://github.com/lastpass/lastpass-
cli](https://github.com/lastpass/lastpass-cli)

------
TheHCA
I wrote a simple python program a while ago where it takes my master pw,
domain of the site, and an answer to a personal question to create my password
for a given site using a custom cypher.

Has actually worked really well for me, though the annoying part comes when
you need to log in to something on your phone and the cypher program is on your
desktop PC.

Though this likely wouldn't be an issue if I had an android phone and could
easily make a small application for it.

------
akeck
Some people use plaintext files in a git repo in an encrypted disk image file
with a long passphrase (Windows disk image (Bitlocker), macOS encrypted disk
image (AES256), and Linux LUKS encrypted image (most modern symmetric
ciphers)). "Small" images hold lots of passwords, and you can drop the images
in private cloud locations and USB storage in a safe. This method lacks auto-
locking after a timeout and easy mobile access.

------
arca_vorago
I do have a basic algorithm in my head for when I don't have my password
manager of choice, keepassxc
([https://github.com/keepassxreboot/keepassxc](https://github.com/keepassxreboot/keepassxc))
on hand, but I highly prefer to just keep separate keepassxc databases and
secure them by keeping them stored on fde removable media (microsdcards are
easily hidden).

------
Talyen42
I assume all my passwords will be leaked/known and don't store anything
sensitive without 2FA, ideally not SMS 2FA.

A password alone is never secure.

~~~
smt88
This is almost totally impossible for most people. Banks have notoriously
terrible password and 2FA policies, so even in the unlikely event that they
allow a long/strong password, you're stuck without 2FA (or with SMS 2FA).

------
alex-
I try to mitigate the password management single point of failure with
two-factor authentication.

Obviously that is not an option for every site, but access to my password
manager alone will not provide access to my email (which lets me reset all my
accounts) or my bank etc.

Of course I use two factor on the manager too.

It doesn't completely solve the problem but I haven't found a better
alternative (that works for me)

------
UntitledNo4
My alternative is believing that not all websites you log into pose the same
risk to you and accepting some risk. This means I divide websites that require
login into two categories:

1. I don't care if somebody gains access to my account

2. I do care if somebody gains access to my account

I use the same password for all the websites in the first category. It should
be at least 8 characters long and consist of a made-up word with some numbers
and characters. Example: 7%Frifells. I drop the special character on websites
that don't allow them in passwords and then it's a matter of failing to log in
once and trying without it.

I use a different "xkcd" password
([https://www.xkcd.com/936](https://www.xkcd.com/936)) for every website on
the second one. Those are essentially catchphrases which I end up associating
with the website I use them for. They consist of several words with numbers
and special characters (using the example in xkcd, mine would be
correctHorse?1batterystaple!).

So, I have to memorise about 8 passwords, all which make sense to me. In
addition I have a password reminder file which consists of the website URL and
the first two/three characters of the password. I don't bother adding
completely unimportant websites from the first category.

If my password from category 1 gets compromised then it's a bit of a hassle to
change the password on all the websites on the files, but no harm done. If a
password from category 2 gets compromised then it doesn't affect the other
websites.

---

I wish a lot of websites would realise they can be password-less. Pinterest is
a good example. I have never posted anything, they don't have any personal or
financial information from me, and the only reason I registered was because I
wanted to search something there once, and they made me register for that.
Same goes for Quora and many other websites. I think all those should allow
registering without a password but limit the functionality of those accounts.

---

Edit: formatting

~~~
h4waii
IMHO, this is a curious way of thinking. Why put in the work of trying to
secure one account, but not others? Wouldn't it be easier to simply secure ALL
and not have the mental gymnastics of "how much do I care about this?"

Each account an attacker can gain control of is more information they can
glean and a potential leverage point to gaining access to the accounts you _do_
care about.

------
INTPenis
You're talking about mitigating the risk of break-in by using an alternative
to a password manager.

I'd rather propose to use a self-hosted password manager on a VPS or in a cloud
service.

As long as that password manager is hosted securely, VPS for example, and uses
your login password to help decrypt the stored passwords.

Perhaps some HMAC required too.

Anyone know if this exists in the open source world?

~~~
smt88
KeePass is FOSS, and you can keep your database local or host it wherever you
want (your server, Dropbox, Spideroak, etc.)

------
libx
There's also keychain
[https://github.com/levaidaniel/kc](https://github.com/levaidaniel/kc). Open it
with a master password, copy passwords from it or save new entries. You can
have the single file database in a shared service like Dropbox and use it from
any computer.

------
sborza1
Bluink key is a password manager, OTP generator and FIDO U2F key all in one.
It is a smartphone app for iOS and Android that stores all your passwords on
your phone, not in your browser, not in the cloud. You can generate different,
random passwords for everything and add 2FA to your most important logins.
Check it out! Bluink.ca

------
JoeAltmaier
Used to have a car with a digital lock; every time you exited, you punched a
code to lock, punch again to unlock when you return.

Most folks would just give up and punch 1111 or some such. Instead I used the
address where I'd parked. Didn't have to remember; didn't have to invent
anything; different code for every place I went.

~~~
rbcgerard
what type of car was that? I've never heard of a car having a different
password every time!

------
fyfy18
If you are more confident of your physical security, one option would be to
use a book. If you search on Amazon for “password book” you can find the
equivalent of an address book for the 21st century.

I recently got one for my parents (as they use and keep losing post-its) and
it has fields for username, password, secret question and notes.

------
maio
I'm using a Trezor hardware wallet which also has a password manager
([https://trezor.io/passwords/](https://trezor.io/passwords/)). I'm storing
important secrets there (e.g. master password to my regular password manager
which is Avast Passwords).

------
notyourday
I'm lame. I don't need a pen to write a space when a pencil would do:

1. To generate a password I use randompass, which pulls stuff out of
/dev/urandom, massages it and dumps it onto the screen.

2. I add that password to a plaintext login : password file located on an
encrypted disk on my laptop.

3. My password search tool is "grep".

------
33W
Until about 6 months ago, I used a physical password manager: a small notebook
that I kept with me. It posed a greater risk to a physical attack (theft or
snooping), but I accepted that risk over using shared passwords across
services.

I've started using LastPass as a replacement for this, and have been happy
with it.

------
hex-m
To mitigate the single point of failure, steganography (hidden containers)
would help. That would offer compartmentalization and deniability. One tool
that implements this:
[https://github.com/bwesterb/pol](https://github.com/bwesterb/pol)

------
0x264
I have a folder in which each text file contains the username and password(s)
for a particular domain/service. The hard drive is encrypted and its backups
(on geographically spread external drives) are also encrypted.

I let Keychain (MacOS) remember the passwords, so I never really think about
them.

------
arkh
I use a small truecrypt file containing text files with passwords generated
randomly which is available online on some of my servers. Not perfectly secure
nor the best ease of use but good enough for me and not using a third party.

Note: as TC has been discontinued, using VeraCrypt would be a good idea.

------
futhey
Some years ago my solution was a notebook in a physical safe. Not recommending
this, but I already had the safe and I reasoned that for the assets I was
protecting, it was unlikely that a thief or anyone who might gain physical
access would be interested.

------
nicwolff
At this point I usually let iCloud Keychain generate, store, and sync
passwords, but for some sites I still use a Javascript password generator [0]
I originally wrote in 2003 or so [1] – I may be the inventor of in-browser
hash-based password generation. It spawned a bunch of similar sites, and it's
still useful, so in that sense it has been very successful – but it has all
the frustrations described by others here: updating passwords is a pain,
"special characters" have to be added, &c.

[0]
[http://angel.net/~nic/passwd.current.html](http://angel.net/~nic/passwd.current.html)

[1]
[https://web.archive.org/web/20031222201145/http://angel.net/...](https://web.archive.org/web/20031222201145/http://angel.net/~nic/passwd.html)

------
jhasse
I use [https://bixense.com/pwcalculator/](https://bixense.com/pwcalculator/)
(GUI for hashing alias + site) and dedicated passwords for services I need to
access more often.

~~~
Kequc
This seems to me like a very clean solution, is there a Chrome extension
version of something like this? I'd love to tap on a password field, enter my
secret key, and have it autofill based on the domain of the page.

~~~
ryan-c
If someone suspects such a solution is being used, they can attempt to crack
the master password. Combined with the weakness of this not supporting forced
password rotation or varying complexity requirements well, it's really not a
good solution.

~~~
Kequc
Why would anyone suspect that? You're talking about what 1 in several million
users? All you have to be is above the threshold of "easy to hack". I'd like
to be referred to such a thing if there is one already.

~~~
ryan-c
The specific tool mentioned uses a trivial scheme. If I were trying to crack a
large breach, I'd probably try running a few billion master passwords with
that algorithm.

~~~
jhasse
If your master password is weak, I don't think that bcrypt/scrypt in my tool
would help when a breach has happened.

~~~
ryan-c
It absolutely would.

~~~
jhasse
Care to elaborate?

As I can't salt the hashes the attacker can precompute all the passwords he
wants to try. If that takes 1 minute, it will take 1 minute for a database
with 1 billion passwords and 1 minute for a database with 2 passwords.

~~~
ryan-c
You could simply have people use their email address (or name) as a salt. Not
great, but it would help significantly.

Eight character random mixed alphanumeric password, hashed with say, sha256:
crackable in hours with a GPU cracking rig.

Eight character random mixed alphanumeric password, hashed with scrypt using
aggressive settings: could take years or decades to crack.

There is absolutely a large class of passwords that will be cracked if the
hashing is fast, but not if it's hashed with a time and memory hard function.

You can make an attacker's job literally over a million times harder at minimal
cost.

~~~
jhasse
> You could simply have people use their email address (or name) as a salt.
> Not great, but it would help significantly.

This wouldn't work, as the attacker should know both from the database.

Anyway: If the user really wants, he can already add his email or name to one
of the input fields. A salt is just another input to the hash function so this
would be the same.

> Eight character random mixed alphanumeric password, hashed with say, sha256:
> crackable in hours with a GPU cracking rig.

Let's say by "several" you mean two. Then if

    62^8 = 2 hours

that means that:

    62^12 = ~3374 years

Meaning that a 12 character random mixed alphanumeric password would already
take longer than the scrypt approach thanks to the way the exponential
function works :)

And to do it the other way around (let's say that "years or decades" is 20
years):

    62^8 = 20 years
    62^5 = ~44 minutes

That's why I don't like to advertise with an "uncrackable hash function". In
the end this might lead users to choose a shorter password, which is way
worse!

> scrypt using aggressive settings

Keep in mind that if a breach happens, the database is _also_ hashed. And
salted! So the attacker would need to crack that first anyway.

~~~
ryan-c
> This wouldn't work, as the attacker should know both from the database.

You mentioned pregenerated lookup tables in a previous comment. Using email
address as salt prevents that attack. Salts come with the database too.

> Anyway: If the user really wants, he can already add his email or name to
> one of the input fields. A salt is just another input to the hash function
> so this would be the same.

The proportion of people who would supply it as a salt is much greater than
those who would otherwise prepend/append that data to the password.

> Meaning that a 12 character random mixed alphanumeric password would already
> take longer than the scrypt approach thanks to the way the exponential
> function works :)

Yes, but then the user has a more difficult password to memorize, so that
argument is irrelevant. You should be thinking about what actual humans actually
do, rather than assume your users are technically sophisticated and willing to
put in the effort to do the right thing.

> That's why I don't like to advertise with an "uncrackable hash function". In
> the end this might lead users to choose a shorter password, which is way
> worse!

Don't advertise it as such, but do it anyway, and explain the details in an
FAQ.

> Keep in mind that if a breach happens, the database is also hashed. And
> salted! So the attacker would need to crack that first anyway.

It is entirely unreasonable to expect anything better than MD5.

~~~
jhasse
> You mentioned pregenerated lookup tables in a previous comment. Using email
> address as salt prevents that attack. Salts come with the database too.

Ah right, didn't think of that!

I will think of adding a preference where one can add a salt value :)

> Yes, but then the user has a more difficult password to memorize, so that
> argument is irrelevant.

But while the password-remembering difficulty scales linearly, the difficulty
to crack it scales exponentially ;)

------
midgetjones
I have one of these. I personally never use it due to the inconvenience, but
it might work for you.

[https://www.qwertycards.com/](https://www.qwertycards.com/)

~~~
beojan
The space bar code and "secret word" portion together are the same across all
sites. If your password is compromised on two or three services, the attacker
has this constant portion, and the remainder of your password is a simple
substitution cipher encoding the service's name.

~~~
midgetjones
Well then I guess it's lucky I don't use it!

------
24gttghh
I used to open a text editor and mash on the keyboard until I had an 8-12char
password. I'd then type that sequence out again 10-20 times until it was
burned into my memory. Then I close the editor without saving it :) Let your
subconscious "muscle-memory" remember the password for you! Bonus point: if
someone tries to coerce you into revealing your password, you honestly won't
know what it is without typing it out. This doesn't seem to scale beyond doing
it a few times as they get hard to remember, but it can make for a few secure
email/banking passwords.

------
duncan_bayne
Yep - a text file, encrypted with ccrypt. Happily, Emacs knows how to open and
save ccrypt-ed files.

~~~
laci27
Why would you use an encrypted file when you have free, open source password
managers like Keepass? Every time you login somewhere, you open the file,
search for the site, copy the password and paste it in the browser? What do
you do when you need a password on your phone? What do you do to clean your
memory after the paste operation to reduce the likelihood of memory trojans
reading it?

~~~
cJ0th
> What do you do when you need a password on your phone?

dl the file from dropbox and decrypt it via termux /s

~~~
laci27
How much do you get paid / hour? Cause that takes time. 5 minutes here, 5
minutes there and I guarantee you that if you do the math, you're wasting a
lot of time doing stuff that password managers (online/offline/closed or open
sourced) can do automatically.

------
JamesLeonis
+1 for Keepass.

------
durfdurf
pen and paper

~~~
laci27
rofl. I have around 1300 passwords in Keepass, most of them are 20 characters
including symbols. Good luck writing those passwords every time you need to
login...

~~~
ktpsns
I have used pen and paper for a decade now. I have a folder and preprinted forms
where I note passwords with pens. The folder had like 20 sheets. This worked
pretty well and is without doubt the most secure variant -- I always have my
folder with me. Note that this only stores the important passwords. I use weak
and dumb passwords for non-important services (similar to disposable email
boxes).

Anyway I want to change to a paperless variant due to the increasing amount of
"important" services.

~~~
laci27
I have a friend who does the same, but a folder with password is not
encrypted. If it's stolen, or you just leave it somewhere by mistake, or if
you leave it on a table while you piss, byebye security... A hacker only needs
your old yahoo password to hack everything else. Please use at least Keepass,
it has a master password, it is encrypted all the time if you want, it can
have browser integration, it can upload the encrypted DB to the cloud..

~~~
ktpsns
That's true. However, in general I trust my environment so much more than "the
whole Internet" which potentially can gain access to my systems. In fact, I
don't think encrypting password managers (even in their simplicity such as
[https://www.passwordstore.org/](https://www.passwordstore.org/)) prevent
typical use cases: If your home account is compromised, it is easy to manipulate
the workflow and subsequently decrypt your virtual password storage.

------
trisimix
MPW

------
justherefortart
Spreadsheet that's encrypted inside an encrypted drive (veracrypt). If I can't
remember the password I used, I just open everything up then copy/paste. Use
2FA where possible and have never answered a "security question" without some
ridiculous bullshit answer (that is also stored in the spreadsheet in case I
have to look it up).

The only issue is when I try to do shit on my phone, but that's never been
critical as I'm in front of computers 12-16 hours a day.

------
jlebrech
dashlane is interesting as it has a one-button password regeneration that logs
into sites and uses the change password functionality for you.

~~~
oneweekwonder
> change password functionality for you

Lastpass has the same functionality. This is actually a feature open source
tools like keepass and so on need. That and easy cloud/mobile integration.

------
SimeVidas
I use my browser’s password manager, which works across devices. It’s Mozilla,
so I trust that they take the security of my data very seriously.

~~~
dabernathy89
In case you hadn't seen this yet: [https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-u...](https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/)

------
throwaway899
I let Google Chrome generate my passwords (You can enable password generator
from chrome://flags/ ) and save them to the browser.

If I need to see the password for some reason you can find it from browser
settings.

