by pryce 2973 days ago
1. This relies on a mistaken expectation that all sites you use are able to accept SHA256 output - presumably in Base64 or similar - as an acceptable password. You will likely have to compromise this.

2. You have no credential expiry built into this approach. Even should you decide to not use credential expiry, if one site demands it, your strategy doesn't work.

3. You are still at risk of having your passwords leak because: Anyone who compromises a public machine on which you generated your password manually (e.g. leaving any traces in logs, bash history etc.) who eyeballs your SHA256 input prefix_ashleymadison.com_suffix, now has very clear reasons to expect they can generate passwords based on prefix_facebook.com_suffix and pre_barclaysbank.com_suffix because your credentials between sites are now not independent of each other, and worse, directly suggest each other.

Ignoring keyloggers and bash history issues etc., any simple 'over the shoulder' attacker likewise gets a pretty good guess at all of your passwords all at once by observing you generate a password for one site just once.

In short, if you attempt to use an approach like this, you no longer just have to protect your password, you have to absolutely protect the knowledge of the algorithm by which you generate your password for different sites. This being compromised just once potentially compromises all your passwords, substantially widening the ways in which you can be harmed.

1 comments

> credential expiry

Good point. I'll have to add something to prefix of prefix/suffix for sites which remember previous passwords (or hashes).

> leaving any traces in logs

This I will have to resolve by localizing my sha256 generation process.

> over the shoulder

Also a good point.

Thank you for thinking this through for me. Appreciate it.
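
An added example, not written by either commenter: a Python sketch of the scheme the thread discusses (Base64 of SHA-256 over prefix_domain_suffix), checked against constructed site policies to make points 1 and 2 concrete. The function names, the policy fields and the counter-appended-to-prefix rotation are assumptions made for illustration.

```python
import base64
import hashlib


def derive(prefix, domain, suffix, counter=0):
    """Base64(SHA-256("prefix_domain_suffix")), the scheme under discussion.
    A counter > 0 is appended to the prefix (assumed form of the rotation idea)."""
    if counter:
        prefix = f"{prefix}{counter}"
    material = f"{prefix}_{domain}_{suffix}".encode("utf-8")
    return base64.b64encode(hashlib.sha256(material).digest()).decode("ascii")


def violations(password, policy):
    """Reasons a site with this (hypothetical) policy would reject the password."""
    problems = []
    if len(password) > policy.get("max_len", len(password)):
        problems.append("too long")
    banned = set(policy.get("banned", "")) & set(password)
    if banned:
        problems.append("banned characters: " + "".join(sorted(banned)))
    required = policy.get("require_one_of")
    if required and not set(required) & set(password):
        problems.append("missing required symbol")
    return problems


def bits_after_truncation(max_len):
    """Upper bound on hash bits kept when the Base64 string is cut to max_len.
    Each Base64 character carries 6 bits; the digest holds 256 in total."""
    return min(6 * max_len, 256)


if __name__ == "__main__":
    # Constructed inputs: placeholder prefix/suffix and example domains.
    pw = derive("pre", "example.com", "suf")
    print(len(pw), pw)  # always 44 characters, always ending in '='
    policies = {
        "short-limit.example": {"max_len": 16},
        "no-equals.example": {"banned": "="},
        "needs-symbol.example": {"require_one_of": "!@#$%"},
    }
    for site, policy in policies.items():
        print(site, violations(derive("pre", site, "suf"), policy))
    # Fitting a 16-character limit keeps at most 96 of the 256 bits.
    print(bits_after_truncation(16))
    # Rotation only works if the counter used for each site is remembered.
    print(derive("pre", "example.com", "suf", counter=1) != pw)
```

Every per-site workaround here (truncation length, stripped characters, current counter) is extra state that has to be remembered or stored alongside the prefix and suffix.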