by filipo 1986 days ago
DPG seems to be a cool idea but what happens if a website has password requirements like at most/least an uppercase character, a number, no longer than x chars...

As I understand it, you have no control of the output it generates...

2 comments

Or if you have to change the password every X months
I think this is a pretty basic capability of most decent DPMs. LessPass for example gives you a counter option to increment and spit out a completely different password for X month update.
But then it's no longer stateless. So you've lost the primary benefit, while losing the ability to store any other associated secret information in the vault.
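The counter and output-rule trade-off discussed in the comments above, as an added example that is not part of the thread and is not LessPass or srspass code. It is a simplified scheme with hypothetical names (`derive_password`, `CLASSES`), using standard-library PBKDF2 as a stand-in for a memory-hard KDF; it shows that the counter and the site's rules are inputs that must be supplied identically every time to get the same password back.

```python
import hashlib
import json
import string

# Character classes a site policy may require (hypothetical rule names).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": "!#$%&*+-=?@_",
}

def derive_password(master, site, login, counter=1, length=16,
                    classes=("lower", "upper", "digit", "symbol")):
    """Derive a site password from the master secret plus per-site parameters."""
    if not len(classes) <= length <= 64:
        raise ValueError("length must fit every required class and be <= 64")
    # Bind every parameter into the salt with an unambiguous encoding, so a
    # change to the counter, length or class list gives an unrelated password.
    salt = json.dumps([site, login, counter, length, list(classes)]).encode()
    seed = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, 100_000, dklen=64)
    pool = int.from_bytes(seed, "big")  # entropy pool, consumed by divmod

    def take(modulus):
        nonlocal pool
        pool, remainder = divmod(pool, modulus)
        return remainder

    alphabet = "".join(CLASSES[c] for c in classes)
    # Fill from the combined alphabet, leaving one slot per required class.
    chars = [alphabet[take(len(alphabet))] for _ in range(length - len(classes))]
    # Guarantee each required class appears, at a derived position.
    for c in classes:
        ch = CLASSES[c][take(len(CLASSES[c]))]
        chars.insert(take(len(chars) + 1), ch)
    return "".join(chars)

if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    args = ("correct horse battery staple", "example.com", "alice")
    print(derive_password(*args))                      # initial password
    print(derive_password(*args, counter=2))           # after a forced rotation
    print(derive_password(*args, length=8, classes=("lower", "digit")))
```

Nothing is stored by the generator itself, but the user still has to remember or record the counter, length and class list per site, which is the state the reply above is pointing at.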
https://app.srspass.com is a DPM I found that gives you complete control of the output
Cool, seems to work well. My only complaint: there is not much information about who is behind this project and how encryption works... Leading to: what happens if the website is not reachable or goes offline?
I heard about it from a friend of a friend. From my understanding it's just started up, and they're still getting things rolling. Would try contacting them via e-mail or the like if unsure; however, I use it offline on my Android, can add it to the home screen, and it apparently doesn't need a connection. If they can get the things you mentioned in order, it may be an interesting alternative.

I did look at the sources tab to check out why my laptop was using so much CPU during the decryption phase, and there are some argon2 web workers that pop up, so some combo of that, and it clearly seems deterministic, since both my phone and laptop produce matching passes when all params match.

Oh cool, you are right. It seems to work in airplane mode. Now the only thing left is the initial load if you switch devices while it has been taken down...

I'll try to find out more about the project and its story. Thank you.

Where is the unlocking password stored in a web-based DPM like this one?