|
|
|
|
|
|
by Perseids
4303 days ago
|
|
|
>> We can't expect people to use password managers (they're complicated and then centralize everything into a single point of failure). > What about you load a site, get an HTTP 401 response, your browser sends back an auth header with a password generated for that domain name, based on some secret global key/password. You essentially describe a password manager with deterministic password generation. It has all the upsides and downsides of a regular one, except migrating passwords is harder (you need to change them instead of storing them). |
|
|