A stateless password manager, interesting concept.
cloudflare made one in Go.
interesting take on managing passwords π PBKDF2 is not a new concept though π
@david@netbros.com good point, it is feature lacking. I think it will be handy for the use cases @carsten@yarnd.orbsmart.synology.me has pointed out.
Add the computed password to your current manager for BAU features whilst having the ability to compute the password anywhere, for those use case credentials.
@deebs@twtxt.net @david@netbros.com Do you think an implementation like LessPass with all the required UX improvements would be a useful addition in general? π€ It might be easier to get folks like my wife to use this over an actual password manager? π€ I agree it has to have auto-fill (browser extension) and a mobile app and OTP. But other than that the basic cryptographic primitives behind this seem rather solid. π
@prologic@twtxt.net to keep things simple, perhaps an auto-fill browser extension which automatically uses the URL FQDN as a realm (to remove manual realm input each time) and securely stores the master password so theres no user input.
@deebs@twtxt.net It would need to store a counter too so you can change the password, but yeah otherwise that sounds like a solid design π
@carsten@yarnd.orbsmart.synology.me Nothing. I use pass β The Standard UNIX Password manager as well as the Go rewrite/port gopass
I have no issues with either, I use them both.
Itβs getting others to get into a healthy security hygiene.