
Please tell me I am missing something. There is no salt. The hashing algorithm is hence vulnerable to a simple dictionary attack. It does not matter if you do a gigazillion rounds. Someone can still pre-calculate a list of common passwords and then test that list against each and every user.


Correct, there is no salt. A dictionary attack will uncover common passwords. It's crucial to pick a strong secret key. That's the price you pay for using a stateless password manager.

However, the gigazillion rounds are not for nothing. That is the defense against brute force attacks, which could otherwise crack passwords even if they are random.


[deleted]


Wouldn't you then need to sync the randomly generated salt across browsers? That doesn't seem so stateless anymore.


I have made a CLI stateless password manager for myself once (still use it, actually) and I generally "solved" the salt issue by providing the salt manually.

Examples:

    syntax: gassy salt base [password length || 16]

    gassy spoiler news.ycombinator
    gassy email@personal.me home_email
    gassy name@ work.com 32
    
In the next step you're prompted for a password (with echo off). Also, it calculates a token based on the salt which determines in which way the password will be generated.

I know it's not ideal, but it served me well so far! :-)


Yes, that's exactly what stepstep said.


And the best part is you can't change your password in case some website becomes compromised and the hash is leaked (without changing the secret key and, as a result, changing all passwords on all websites).


I tried to address this in the article:

"If a generated password is ever compromised, you don’t need to memorize a whole new secret key and update all of your passwords. For that service only, just add an incrementing index to your secret key. For example, if your key was bananas, just use bananas2. If you can’t remember which iteration of your secret key you used for a particular service, simply try them all in order."

In particular, you don't have to use the same secret key for all websites. It's okay to slightly modify one if that password is compromised.


And that then starts to negate the point of this password manager: having to remember just one password.


I use a similar tool (pwdhash) and the benefit is not that it's a single password but a single root password. I need only a few changes and very little to remember for most sites and still get a unique password per site.

My bank requires me to change the password every 3 months or so and I only need to change one digit in what I remember and they see a whole new password.

It's a great benefit to me and to overall security.

How secure is it overall? Somewhat more secure than just using a single password for all sites and better trust compared to using a cloud based password storage.


You don't have to memorize them, though. If your master key is "bananas" and it didn't work, try "bananas2", "bananas3", etc. But you don't need to remember them all—because they're all essentially the same.

Hopefully this happens infrequently enough that it's a non-issue anyway.


From TFA: "If a generated password is ever compromised, you don’t need to memorize a whole new secret key and update all of your passwords. For that service only, just add an incrementing index to your secret key".

The extension doesn't force you to use one master password, and it doesn't have to be a dictionary word, either.

I think adding options like an auto expiring password (adding the month or year etc as a salt) can improve this further. But I like the idea in general.


Agreed, it would be nice to just include your email/login as a salt.
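
An added example, not part of the thread and not the extension's own code, of the trade-off discussed above: with only the domain as input, one precomputed table of common secret keys applies to every user of a site, while mixing in the login makes that table useless for anyone else. PBKDF2-HMAC-SHA256, the round count, and the users and secrets are all constructed assumptions.

```python
import base64
import hashlib

ROUNDS = 10_000  # assumed work factor, kept low so the example runs quickly

# Constructed sample data: two users share a common secret key, one does not.
COMMON_SECRETS = ["password", "bananas", "letmein"]
USERS = {"alice": "bananas", "bob": "bananas", "carol": "x9 long random phrase 7731"}


def derive(secret: str, domain: str, login: str = "", length: int = 16) -> str:
    """Stateless derivation: identical inputs always yield the same password.

    The domain (and optional login) plays the role of the salt; nothing is
    stored. PBKDF2 stands in for whatever hash a given tool really uses.
    """
    salt = f"{domain}\x00{login}".encode()
    raw = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ROUNDS)
    return base64.b64encode(raw).decode()[:length]


def precomputed_table(candidates, domain, login=""):
    """Derived password -> candidate secret, valid for one (domain, login)."""
    return {derive(c, domain, login): c for c in candidates}


def users_covered(table, observed):
    """Users whose site password is already present in an existing table."""
    return sorted(user for user, pw in observed.items() if pw in table)


def compare(domain: str):
    """Return (covered without login salt, covered with login salt)."""
    table = precomputed_table(COMMON_SECRETS, domain)  # computed once
    unsalted = {u: derive(s, domain) for u, s in USERS.items()}
    salted = {u: derive(s, domain, login=u) for u, s in USERS.items()}
    return users_covered(table, unsalted), users_covered(table, salted)


if __name__ == "__main__":
    no_login, with_login = compare("news.ycombinator.com")
    print("one table covers (domain only):   ", no_login)
    print("one table covers (domain + login):", with_login)
    # Rotation by index, as quoted from the article: a new key, a new password.
    print(derive("bananas", "example.test") != derive("bananas2", "example.test"))
```

Using the login as salt keeps the scheme stateless, since the user already knows it; a weak secret key is still guessable per user, only the shared table goes away.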



