random thought: someone should make a password manager that doesnt store your passwords, but instead, hashes your own password for you whenever you login/signup to a website.
so you dont have to remember weird complex passwords, your password manager doesnt have to store anything, and you can trust that your passwords are hashed regardless of the website’s security
comments
you don't. but you would be able to generate the hash again using the key
then you would have to remember passwords or have the password manager store the passwords (you must have the password to login with a password)
I guess that’s the point. You have the convenience of a 4-digit code with the security of a normal password manager.
hmm i see.. but wouldn’t you need slightly different passwords for each site to make sure the hash is different?
but what would the advantage be over the password manager just generating a secure password that’s random each time?
the passwords dont have to be stored, and if you lost your passwords, you just need the encryption key+the same password part. but this idea isn’t really fleshed out yet. you woulnt be able to have salts among other things
you’d have to store the passwords somewhere in the cloud though because if you loose them you can’t sign into anything
it would hash them with a per site encryption key. something like sdfghsdjkfghjsdfgjhksdhjkfghjsdfgjh-wasteof.money