From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A0CF5138334 for ; Tue, 5 Feb 2019 21:17:14 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6BD20E0839; Tue, 5 Feb 2019 21:17:08 +0000 (UTC) Received: from smarthost03b.mail.zen.net.uk (smarthost03b.mail.zen.net.uk [212.23.1.21]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 07CF1E0823 for ; Tue, 5 Feb 2019 21:17:07 +0000 (UTC) Received: from [82.69.83.178] (helo=mail.digimed.co.uk) by smarthost03b.mail.zen.net.uk with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gr85a-0001lT-Fw for gentoo-user@lists.gentoo.org; Tue, 05 Feb 2019 21:17:06 +0000 Received: from digimed.co.uk (fenchurch.digimed.co.uk [192.168.1.6]) by mail.digimed.co.uk (Postfix) with ESMTPA id CDE3662654 for ; Tue, 5 Feb 2019 21:17:05 +0000 (GMT) Date: Tue, 5 Feb 2019 21:17:01 +0000 From: Neil Bothwick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: Coming up with a password that is very strong. Message-ID: <20190205211653.57d0b0dc@digimed.co.uk> In-Reply-To: References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com> <4T37M4RU.7P6POHFW.VWXHN7BS@VBETV3G5.Q4J4WRJ3.XBFRTPM4> Organization: Digital Media Production X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu) X-GPG-Fingerprint: 7260 0F33 97EC 2F1E 7667 FE37 BA6E 1A97 4375 1903 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/6nEpTYZ8Bqc=Ep+v3ysGHD6"; protocol="application/pgp-signature" X-Originating-smarthost03b-IP: [82.69.83.178] Feedback-ID: 82.69.83.178 X-Archives-Salt: da74795f-84b0-4afe-81e5-807d8eedeb67 X-Archives-Hash: aa60644f84e5adddaeccde0cb3e348ff --Sig_/6nEpTYZ8Bqc=Ep+v3ysGHD6 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Wed, 6 Feb 2019 04:28:49 +0800, Mark David Dumlao wrote: > My own solution is actually very simple. I have a "secret algorithm" > that incorporates several secrets with a predictable way to generate a > site-specific secret. The end result is a 100% predictable way to > generate unique passwords for every site that are cryptographically > secure from each other (you cannot derive > one from the other) which can be generated by any device using the > appropriate tools. The was a tool in portage this did this. I tried it but it did not work in the real world because you couldn't set a rule for generated passwords that matched the requirements of all sites, for example some require a non-alphanumeric character while other sites only allow alphanumerics. I can remember what the tools was called, although I'm pretty sure it was written in Python. I'd be interested to know how you get around the conflicting restrictions as this seems a good way to do things. --=20 Neil Bothwick MIPS: Meaningless Indication of Processor Speed --Sig_/6nEpTYZ8Bqc=Ep+v3ysGHD6 Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEGfLZTV7dXdQXh/dDdCdyyQfftocFAlxZ/U0ACgkQdCdyyQff toe0tg//YbEMzhKOo2n3a7qW0BixAaSVdjFirar99OLPoYVzFyciyJ4D8zpyOtNe N+bwOrz28HvdmZkYgqIKkJD3KdW0coK4P/UdkVEZC7mAatTVEui6JZiRgJt1ZvYg ZiqB/FsqR+UmDNNFl0hfKtP7vPg/+I3VpAswHsQf527zjahzisiY3aTj1G1Ai0MM 1sVhb8BmJrIsM7tKcNLoJ212X8AcQa8oINMbAMyCxvKry5gaeNUJrUFck0opc3dn krsQxFXKAgk51gBPp4q+CnL0US9R3C6TLhiutgAQT+GPNgDqJtTXqig50XBohauW ocWHJHTSJMcjN+9NcpU+e0qKNeRzik6klh1kdsOZ2aVonzr/JFAgnSni3r5iyzp3 b/A3M1nALHTLW3ZPzfcG4kgpbjpIRitze/X8LOpGDJVyYl8jYG06TMiU1KuLug9G wwYYVcsujvXfCrW1Kf+Qgi3Z7VDVa/MW84ovTNS5KcX93G7qHgsOiCCRoc5dThMd FsqmRLMm15eBnn64Yw//oUk51/DJnynmy0srX+vAbgh7OkQFKEll8jWCR8/COXNV 8VXsFD7Mvi4RuFU2ymXcJk+ZwuVXH+sycNAQlDzh0Jk5cGFkxgb1BmDu116I818Q BEfnkREph/SjFOUYiCgyWgF8k3XRjxaxHDKjpxxFGqXs57pWRBc= =nVn4 -----END PGP SIGNATURE----- --Sig_/6nEpTYZ8Bqc=Ep+v3ysGHD6--