undefined | Better HN

0 pointstoleda3y ago0 comments

I may be wrong, the idea is interesting but looks more like a password generator and a terrible password manager to me.

You still need to store somewhere informations like url, username, counter, etc. right ? Can you change the master password without changing all your accounts password ? If one happens to find your master password, he's basically able to get/generate all your passwords just like a normal pw manager with no 2FA, correct ?

0 comments

ziml773y ago

You have it right. This master password derived passwords idea is nothing new. Few people actually use it because it's not actually a great idea for the reasons you listed.

j / k navigate · click thread line to collapse

0 comments

ziml773y ago

You have it right. This master password derived passwords idea is nothing new. Few people actually use it because it's not actually a great idea for the reasons you listed.

j / k navigate · click thread line to collapse