by Saavedro 5972 days ago
Say I compromised a website that was storing passwords in the clear. There should be no way whatsoever for you to know I've done this, or even that I've -used- this password. What, if any, advantage would you have over a password manager storing single-use passwords? A very good web implementation of this, with client-side encryption so that the service has no access to your actual passwords, is clipperz.com. Do you believe you can offer me something better? As someone who spends a lot of time studying security, I think you've made some extraordinary claims.
1 comments

Sure, if the site is compromised then there is nothing you could know. But this is kind of unlikely in the case of major players like banks.

A zero-knowledge web app is a nice theoretical approach, but I don't see a way it will be adopted anytime soon.

As to my claims, I will post the application when it is ready, and we could discuss attacks against it. It will be quite different from clipperz etc.