by Groxx
4635 days ago
One domain flaw: dropbox.com used to be getdropbox.com and probably others. Unless you remember and/or changed your password when that happened, it might now be unrecoverable. One password flaw: some sites have weird restrictions (probably your bank, for instance). A hashing solution is unlikely to meet those requirements, meaning you have to store the value securely somewhere, so why not store them all? On the other hand, if the output can meet the requirements, it's probably partly based on the requirements. If the requirements ever change, your password now doesn't match. I know I've thought of others previously, but the short version of it all is that at some point you'll probably have to have secure storage for something that doesn't work with the hashing system you have. Once you have that secure storage, why not just use it instead, since it can resolve nearly all of the problems?
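As an added illustration of the two flaws above (example code, not from either commenter): a deterministic per-site password scheme derives each password from the master secret, the domain, and the site's password policy. The derivation function, the policy format and the PBKDF2 parameters below are assumptions chosen for the demonstration; the point is that renaming the domain (getdropbox.com to dropbox.com) or changing the policy (adding a symbol requirement) yields an unrelated password, exactly because those inputs are part of the hash.

```python
import hashlib
import json
import string

# Constructed example: a hypothetical deterministic site-password scheme.
# Every input (master secret, domain, site policy) feeds the derivation,
# so a change in any one of them produces an unrelated password.

ALPHANUM = string.ascii_letters + string.digits
SYMBOLS = "!@#$%^&*"


def derive_site_password(master: str, domain: str, policy: dict) -> str:
    """Derive a site password from the master secret, the domain and the
    site's stated policy (e.g. {"length": 16, "require_symbol": True})."""
    # Canonical encoding of the policy so identical rules always hash the same.
    policy_tag = json.dumps(policy, sort_keys=True)
    salt = (domain.lower() + "|" + policy_tag).encode()
    # PBKDF2 with assumed parameters; any slow KDF would do for the illustration.
    key = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, 100_000, dklen=64)
    length = policy.get("length", 16)
    # Map key bytes onto the allowed alphabet (modulo bias is acceptable here).
    chars = [ALPHANUM[b % len(ALPHANUM)] for b in key[:length]]
    if policy.get("require_symbol", False):
        # Spend two trailing key bytes on which symbol to use and where to put it.
        chars[key[-1] % length] = SYMBOLS[key[-2] % len(SYMBOLS)]
    return "".join(chars)


def demonstrate_flaws(master: str = "correct horse battery staple") -> dict:
    """Show the domain-rename and policy-change failure modes from the thread."""
    base_policy = {"length": 16, "require_symbol": False}
    old_site = derive_site_password(master, "getdropbox.com", base_policy)
    new_site = derive_site_password(master, "dropbox.com", base_policy)
    stricter = derive_site_password(
        master, "dropbox.com", {"length": 16, "require_symbol": True}
    )
    return {
        # Same master, same policy, renamed domain: the old password is gone.
        "domain_rename_breaks": old_site != new_site,
        # Same master, same domain, new policy: the stored password no longer matches.
        "policy_change_breaks": new_site != stricter,
        # Same inputs always reproduce the same password (the scheme's selling point).
        "deterministic": derive_site_password(master, "dropbox.com", base_policy) == new_site,
    }


if __name__ == "__main__":
    for name, broken in demonstrate_flaws().items():
        print(f"{name}: {broken}")
```

The only way to keep the old getdropbox.com password usable is to remember that the domain (or policy) changed and re-enter it by hand, which is the state the comment describes: you end up needing secure storage for the exceptions anyway.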
The "one password flaw" has never been an issue, but my bank uses proper two-factor authentication with a physical card-reading device, so maybe that's why... I've never actually encountered a website that places problematic restrictions on passwords except (weirdly) Microsoft.
But they're just personal anecdotes that those flaws haven't been an issue for me, but I agree they exist and could be show-stoppers for others. I certainly wouldn't recommend it to anyone non-tech-literate. If I did need secure storage outside of that system (which, you're right, does happen–mostly for wifi passwords and the like) then I just use the system keychain as intended.
But I do still have concerns about the overall security of the system simply because I don't understand it well enough...
> Once you have that secure storage, why not just use it instead, since it can resolve nearly all of the problems?
Because I don't want to pay for 1Password licenses, or be caught out if I'm using someone else's computer, or if all my backups catastrophically fail :)