From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 69FBD138334 for ; Fri, 8 Feb 2019 14:26:39 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CEB2EE092E; Fri, 8 Feb 2019 14:26:30 +0000 (UTC) Received: from conar.dyndn.es (conar.dyndn.es [IPv6:2a02:c205:3000:5125::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 063A5E082B for ; Fri, 8 Feb 2019 14:26:29 +0000 (UTC) Received: from jeany.aldox.de (p200300C127038800DCADBEFFFEEF3331.dip0.t-ipconnect.de [IPv6:2003:c1:2703:8800:dcad:beff:feef:3331]) by conar.dyndn.es (OpenSMTPD) with ESMTPSA id d3295474 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Fri, 8 Feb 2019 14:26:25 +0000 (UTC) Received: (qmail 4531 invoked from network); 8 Feb 2019 15:26:24 +0100 Received: from heyra.hm.qware.org (HELO webmail.de.dyndn.es) (4sh@192.168.7.246) by jeany.hm.qware.org with ESMTPA; 8 Feb 2019 15:26:24 +0100 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Fri, 08 Feb 2019 15:26:22 +0100 From: Kai Peter To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: Coming up with a password that is very strong. In-Reply-To: <20190205211653.57d0b0dc@digimed.co.uk> References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com> <4T37M4RU.7P6POHFW.VWXHN7BS@VBETV3G5.Q4J4WRJ3.XBFRTPM4> <20190205211653.57d0b0dc@digimed.co.uk> Message-ID: X-Sender: kp@lists.openqmail.org User-Agent: Roundcube Webmail/1.3.2 X-Archives-Salt: aec344f7-39a1-464c-9c25-c1d4cff33710 X-Archives-Hash: bbc8b8c1ebd4ceebbc20eaf44e773baf On 2019-02-05 22:17, Neil Bothwick wrote: > On Wed, 6 Feb 2019 04:28:49 +0800, Mark David Dumlao wrote: > >> My own solution is actually very simple. I have a "secret algorithm" >> that incorporates several secrets with a predictable way to generate a >> site-specific secret. The end result is a 100% predictable way to >> generate unique passwords for every site that are cryptographically >> secure from each other (you cannot derive >> one from the other) which can be generated by any device using the >> appropriate tools. > > The was a tool in portage this did this. I tried it but it did not work > in the real world because you couldn't set a rule for generated > passwords > that matched the requirements of all sites, for example some require a > non-alphanumeric character while other sites only allow alphanumerics. > > I can remember what the tools was called, although I'm pretty sure it > was written in Python. I'd be interested to know how you get around the > conflicting restrictions as this seems a good way to do things. By using an existing tool you have to live with its restrictions always. But who says that it could not be done? At least Mark's solution will (maybe) not work for everybody (yet), but he did think about an issue and found a way/solution which sounds really reasonable. -- Sent with eQmail-1.11 beta - a fork of djb's famous qmail