PasswordMaker Forums

Other Editions => Other Editions - Feature Requests / Enhancements => Topic started by: Grey Knight on December 28, 2007, 02:32:23 PM

Title: Add 2nd modifier field
Post by: Grey Knight on December 28, 2007, 02:32:23 PM
The current modifier field can be used for:

1) Handling expiring passwords, by allowing a version number etc.

2) Adding a salt

But doing both is difficult with just one field. I have passwords that expire, so have the need to version passwords, and also have extreme paranoia over rainbow tables, and also want to be able to add a salt. So, I'd like a 2nd "modifier" field. What exactly they are labeled is not of great concern to me.

Thanks,
Shawn
Title: Re: Add 2nd modifier field
Post by: Eric H. Jung on December 28, 2007, 02:41:52 PM
I think that can be arranged. That's pretty straightforward. But can you explain how two fields will provide more security than one? Can't you separete your version number and salt with a space or other delimiter in the existing field?
Title: Re: Add 2nd modifier field
Post by: tanstaafl on December 28, 2007, 02:52:52 PM
Quote from: Eric H. Jung on December 28, 2007, 02:41:52 PM
I think that can be arranged. That's pretty straightforward. But can you explain how two fields will provide more security than one? Can't you separate your version number and salt with a space or other delimiter in the existing field?

Yeah, I think this makes more sense... and adds a small layer of difficulty in reproducing for someone trying to reproduce your settings.
Title: Re: Add 2nd modifier field
Post by: Grey Knight on December 28, 2007, 08:09:41 PM
Quote from: Eric H. Jung on December 28, 2007, 02:41:52 PM
I think that can be arranged. That's pretty straightforward. But can you explain how two fields will provide more security than one? Can't you separate your version number and salt with a space or other delimiter in the existing field?

I could do both in one field, but the use case is awful -- I'm pretty sure I can't get my wife to deal with that! And one of my goals here is to push the entire household to adopt PasswordMaker.

FWIW, I also figured out a nice way to make the salt. https://www.grc.com/passwords.htm is a great source for keys, but they are impossible to reproduce (duh). Instead I can use PasswordMaker to create an n character "password" for the virtual site "passwordmaker.salt" & set the rest of the parameters to something easily recalled. Thus when "away from home" I can still quickly & easily recreate the salt.

Thanks,
Shawn