|
|
|
|
|
|
by yvbbrjdr
1431 days ago
|
|
|
Under the hood, we used Argon2i algorithm to derive the secret key from an arbitrary-long password string. We used the term "password" because that's what ordinary people will understand (like, zip uses the same term for their secret keys). In practice, people should choose password that's long enough to prevent brute forcing, just like picking a password for your online accounts. It's a good idea to use a public key system. But it really confuses new users who has never used PKI before. Nevertheless, we have a key exchange feature built into the app that allows 2 parties to negotiate a shared secret using X25519, for advanced users. |
|
|