4
1
I am interested in a password manager that synchronizes between iOS/Android/WP7 and Windows 7. And does not require me to synchronize through or store my passwords on an online service.
Does such a thing exist?
tnktnk
Posted 2012-01-16T09:44:48.503
Reputation: 193
1
I think the best way to solve this is by using the power of "hashing-algorithms".
The idea would be to generate a unique password of each webpage using only a secret pass phrase, and the name of the webpage and username, instead of storing a list of passwords. This way you never have to sync or store anything on the "web", but will still have a unique password for each webpage.
password = hash(pass + webpage + username)
Given the same values for pass, webpage and username (and the same hash-function), you will always generate the same unique password. The only thing you need to rember is your master pass phrase.
As username and webpages are "unclassified" information, you can write this down on any page.
I have seen a java-script implementation of this idea, however i don't remember the name or webpage.
This could be related to https://security.stackexchange.com/questions/1222/is-there-a-method-of-generating-site-specific-passwords-which-can-be-executed-i
Kenneth Yrke Joergensen
Posted 2012-01-16T09:44:48.503
Reputation: 182
This is great, except when a site has password requirements that prevent your password from working. Then you're back to square one needing a way to record a password that's unique and difficult to remember. – I say Reinstate Monica – 2014-09-18T01:51:48.057
1
Something similar to what you describe is Oplop. It's easy to implement anywhere.
1I really don't think, that such a thing exists. – Feroc – 2012-01-16T10:15:21.457
2iOS and Android and WP7 and Windows 7? KeePass in its various forms might work... – user1686 – 2012-01-16T10:25:17.650
What sort of connection between the phone(s) and the PC are you comfortable with? KeePass can use an action to upload the file to your own server. – daxlerod – 2012-01-16T20:54:55.807
Curious why a cloud solution wouldn't work. . . – surfasb – 2012-01-16T23:44:49.083
Cloud solutions work functionally speaking but I see no technical reasons why there should not be such a solutions. I suspect it has simply to do with the fact that cloud, aka, software as a service, or better said, a subscription service, offers software vendors a more attractive business model. I am sympathetic to that but was curious what if anything was out there that did not require syncing through a cloud service. – tnktnk – 2012-01-17T00:10:07.670
I've used KeePass for years but the folks writing mobile ports for it are all into using Dropbox specifically as a sync go-between, most likely because it offers the easiest API to code against. I'm not much of a Dropbox fan considering their record of securify failures. – tnktnk – 2012-01-17T00:12:11.320