| I'm the Soatok Dreamseeker the author cites. I've previously disclosed cryptographic bugs to both LastPass and 1Password. I've written about my experiences: https://furry.engineer/@soatok/109560736140669727 The post I wrote about the intersection of Passwords and Cryptography was spun off as a prerequisite for a longer post I was writing about password management from the perspective of a cryptography engineer. As part of that post, I planned to review Bitwarden (since it's open source and therefore I don't have to expend the additional mental cycles to reverse engineer it like I did LP/1P's offerings). The challenges faced by browser extensions with other password DKFs is that, if you want performance, you don't want to write it in a scripting language. WebAssembly might work, but the ideal outcome is to be able to call `await crypto.subtle.Argon2id(/* args */)` and get your result. The path forward, therefore, is to get Argon2id support into WebKit, Chrome, and Node.js. |
Per their README it seems it’s implemented into “KeeWeb”.
KeeWeb is a free cross-platform password manager compatible with KeePass.
https://keeweb.info https://github.com/keeweb/keeweb
Anyone checked out KeeWeb?