The proposed solution adds little to no real world security (see my other post about how easy it would be to guess which part is the random one which makes this system not useful unless almost all sites use it, which will never happen). Given little to no real world security gain from the described system, it certainly isn't worth breaking an existing system that works just fine and securely even if for just a minority of people.
The proposed solution adds little to no real world security (see my other post about how easy it would be to guess which part is the random one which makes this system not useful unless almost all sites use it, which will never happen). Given little to no real world security gain from the described system, it certainly isn't worth breaking an existing system that works just fine and securely even if for just a minority of people.