Hacker News new | ask | show | jobs
by enoch_r 4768 days ago
But a cracker can't "notice" that your password was a hash of "something" without knowing exactly what that "something" was, because the output of the hash is pseudorandom and isn't distinguishable from a random string.

Sure, they could assume every random-looking cracked password is a hash and try to crack each one, and conceivably discover your master password that way, but depending on your master password's entropy, that can be as unlikely as you need it to be. And the whole point of something like this is that you can use all your memory remembering an extremely high-entropy master password, rather than a large number of medium-entropy single-use passwords.
1 comments
ninjay 4768 days ago
When we do an analysis on something like this we assume the method of encryption is fully known. Otherwise it's called 'security through obscurity'[1]. If this method got popular at all crackers would automatically start checking all hash-like passwords.

I'm also completely ignoring what would happen if that site were compromised. A little javascript snippet could just forward all passwords to the hacker's server. Even a browser extension could be compromised if it auto-updates. These are implementation details though that could be fixed/worked around.

[1]https://en.wikipedia.org/wiki/Security_through_obscurity

link
btilly 4768 days ago
That is why the pass phrase is required to have a lot of entropy. Even if you know the algorithm used, you're going to have to guess the pass phrase to verify that. And the pass phrase is harder to guess than most people's passwords are.

Aside from the implementation details that you've raised, I'm not finding as many flaws as I expected in it.

link
ninjay 4768 days ago
So put that high entropy pass phrase in Keepass and don't worry about a cracker getting access to all your accounts through a misplaced hash. With all these sites getting attacked you have to assume anything you put in a website is public knowledge.

I mean, using a password safe is no more inconvenient than having to go to a website. When set up, the safe can even be a one click auto-fill deal. I don't see any reason to take the added risk.

link
btilly 4767 days ago
I'm not recommending this approach. I'm merely saying that it isn't as trivially broken as one would think.
link