On Monday, October 3, 2016 at 7:09:06 PM UTC-4, jkitt wrote: > it's a stupid mess. People don't deal with it. > > It would be nice if there was a specification, other than a shitty vulnerable > USB, that would allow the plugging in of a key that stored a GPG private key. > That way even your grandma could automagically sign an authentication token. > Such a key-fob would have it's own hardware - to receive requests and > possibly basic PIN authentication; or even fingerprint - if it was completely > isolated (as in never leaves the device); the authentication module would be > on the device itself and not through the OS. The idea is that the device > itself functions like a removable TPM chip. > > Although I personally don't trust hardware that stores fingerprint data - it > is feasible for this method to be implemented rather securely and openly (as > in libre) > > In the meantime, I intend soon to make a firefox addon or plugin that stores > a salt and domain in the firefox sync database. combine that with a standard > manually inputted password to create an HMAC; which can be then be encoded > with ASCII values from a lookup table. The result would be a completely > random password for every domain. To change the generated pass you would > change the salt. The salt is stored in firefox sync but your password is not. > > I won't get to implement this until I finish UNI in a couple of years. Until > then I'm stuck with what I have.
what do you think of this to manage online identities? https://www.grc.com/sqrl/sqrl.htm It looks interesting, but again you still need at least a "master" password. I guess this is nice in the sense that there is no other passwords in a database for a hacker to steal, like in a password manager or site data...cough...yahoo...cough. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/15016a29-ab2e-4904-b3a1-0741fb32f89b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
