Hacker News new | ask | show | jobs
by Osmium 4003 days ago
Yeah, SuperGenPass has great integration too. You can run it almost anywhere, though you have to have some faith (there were proof of concepts against the earlier bookmarklet version, though I believe they've been mitigated by using an iframe approach now, but you're still running crypto in the browser–I probably wouldn't use it for anything genuinely sensitive).

Other 'problem' is that it uses a fast hash function. There was a fork going round that used bcrypt I think, I'm not sure what happened to that.
1 comments
schmooser 4003 days ago
I'm using only mobile version which is a standalone page. I memorized the icon generated for my master password so I can spot if I made a mistake whilst typing.

I also use salted master password for each site, so I'm feeling safe at this.

Regarding "quick hash" or "slow bcrypt" - it doesn't matter here. Bcrypt complexity is to prevent obtaining real password from it's hash. Here we're dealing with real passwords but not hashes.

link
Osmium 4003 days ago
> Regarding "quick hash" or "slow bcrypt" - it doesn't matter here. Bcrypt complexity is to prevent obtaining real password from it's hash. Here we're dealing with real passwords but not hashes.

It does matter. If a website knows that you use SuperGenPass, they can conceivably guess your master password if it's weak as a direct result of SuperGenPass using a fast hash function to generate the site-specific password.

In a scheme like this, the "real password" is the output of a hash function (albeit munged a little bit), so choice of hash function is important. I'm not a cryptographer, but really a key-derivation function seems like it would be a lot more appropriate here than a simple hash like MD5.

link
schmooser 4003 days ago
Still don't get it. Knowing that I use SGP gives attacker nothing. On each guess of master password attacker has to generate pass (quick, using hash) and then GO to website and try to login. And this is very slow compared to hash generation using bcrypt, SHA1 or even md5.
link
Freaky 4003 days ago
That's assuming every website you use with one of these passwords is secure. In practice sites get hacked, fail to enforce HTTPS, databases get leaked, etc.
link
Osmium 4003 days ago
> In practice sites get hacked, fail to enforce HTTPS, databases get leaked, etc.

Exactly. The threat here is that a single SuperGenPass-generated site-specific is leaked somehow (if you use it for a lot of sites, one of them is bound to be storing a password in plaintext, or not using https, or whatever–or, for all I know, the OP is such an important target maybe someone specifically sets up a website to capture a sample site-specific password). Then, using that site-specific password, a determined attacker might be able to recover your master password and then be able to login to all the other websites you use SuperGenPass with. That's the danger of using a 'fast' hash function to generate your site-specific password.

link
schmooser 4001 days ago
Ok, I finally get your point, thanks for detailed explanation.
link