Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The problem with PBKDF2 however is that if you pick a weak password it's useless. It would be better if they included an option for a key as well like other password safes do.


"The problem with INSERT-SOMETHING however is that if you pick a weak password it's useless"

When is this not the case?


When you have a key as well.


> It would be better if they included an option for a key as well like other password safes do.

I would love to see research about the use of keys and passphrases. Especially, do people who have a key then chose a weaker master password?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: