Re: Command-line password manager?
This is a variation Of what I do, except its simpler and done in my head.
To get my (for example)Bank password the need to.
A)get my bank hash and guesstimate an apparently random 11+ digit password.
B)
1.get at least two other sets off hashes, (they prob have my old yahoo and linked in )
2. guesstimate two different apparently random 11+ digit password,
3. take those two passwords and try and work out what my "internal algorithm"
4. Find my banking username and generate my bank password.
5. do this before my rolling password resets complete(About 2 years)
remember related but not the same is as far as hashing is concerned completely different.
The way I see it I trust NO-ONE with my hashes now and assume them all vulnerable to guestimating.
so if A) is "secure enough" for me then the B step 2 x B step 2 difficulty is secure enough for me.
Remeber you cant outrun the (fancy)bear, you just need to outrun the other internet users.
(eg your password just needs to be hard enough to take too long to guesstimate, and as your banking password only need to be twice as hard to crack just make it ONE digit longer)