|
|
|
|
|
|
by sporksmith
5058 days ago
|
|
|
> The point is that the mandatory substring is random and unique to you. Ah, that's a little better. I still think the security gained is not enough to justify how much of a usability problem this could be, though. Assuming the per-user fixed substring is a secret, you're basically assigning the user's password (though giving them an option to strengthen it with their own 'root' password). If it's not secret then not much security is gained. > How could you enforce the usage of a password manager? I don't know of a good way. Although if every site starting assigning (part of) the password, as above, I suppose that would do it. |
|
|