[pass] Feature requests: scrypt key derivation / salts

Jonas Wagner j.b.w at gmx.ch
Sat Dec 28 07:28:18 CET 2013


Hi,

first of all, thanks for pass. I found it today, and will migrate from
KeePassX because the concept makes so much sense.

I do have a security concern, though. Because my master password has
limited entropy, I would like to derive the encryption key from the
password using an expensive operation (ideally scrypt). Is there already an
easy way to do this? What do people think of this idea?

If this feature does not exist yet, I'd be willing to contribute some code.
Any hints on where to insert my changes, and what coding guidelines to
follow, would be appreciated.

While we're at it, I think a salt should be added to the encryption.
Otherwise people who use the same password for multiple sites (yeah I know
you shouldn't...) will reveal this fact because the encrypted password
files are equal. Is this already done by GPG or pass?

Cheers,
Jonas
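
The two requests in the message above (an expensive password-to-key derivation and a per-file salt), sketched as an added example; it is not part of the original post and is not pass or GPG code. The header layout, function names, cost parameters and parameter caps are assumptions chosen for illustration.

```python
import hashlib
import os

# Assumed cost parameters (not from the post): N=2**14, r=8 costs about
# 16 MiB of memory per password guess.
N, R, P = 2**14, 8, 1
KEY_LEN, SALT_LEN = 32, 16
MAX_N, MAX_R, MAX_P = 2**20, 16, 4   # caps so a hostile header cannot exhaust memory


def derive_key(password: str, salt: bytes, n: int = N, r: int = R, p: int = P) -> bytes:
    """Stretch a low-entropy password into a 256-bit key with scrypt."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                          maxmem=64 * 1024 * 1024, dklen=KEY_LEN)


def new_header(password: str) -> tuple[str, bytes]:
    """Pick a fresh random salt for one file; return (header, key).

    The header is stored in the clear next to the ciphertext. The salt is
    not secret; it only has to be unique per file.
    """
    salt = os.urandom(SALT_LEN)
    header = f"scrypt${N}${R}${P}${salt.hex()}"
    return header, derive_key(password, salt)


def key_from_header(password: str, header: str) -> bytes:
    """Re-derive the key for an existing file from its stored header."""
    scheme, n, r, p, salt_hex = header.split("$")
    n, r, p = int(n), int(r), int(p)
    if scheme != "scrypt":
        raise ValueError("unknown KDF scheme")
    # scrypt requires N to be a power of two; also enforce the assumed caps.
    if n < 2 or n & (n - 1) or n > MAX_N or not 1 <= r <= MAX_R or not 1 <= p <= MAX_P:
        raise ValueError("KDF parameters out of range")
    return derive_key(password, bytes.fromhex(salt_hex), n, r, p)


if __name__ == "__main__":
    pw = "correct horse"                 # constructed sample password
    h1, k1 = new_header(pw)
    h2, k2 = new_header(pw)
    print(h1)
    print("same password, different files, same key?", k1 == k2)
    print("key re-derived from header matches?", key_from_header(pw, h1) == k1)
```

Because the salt is drawn per file, two files protected by the same master password end up with unrelated keys, and an attacker has to pay the scrypt cost separately for every guess against every file.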