
Comment by gmuslera

2 days ago

Not all sites are safe, either by design or by people running them. Having a common secret+service name as password AND having at least one of those sites leaking your plaintext password could mean that your derivation may go public and all your other passwords and services fall because of that.

Presumably the derivation would involve a cryptographically secure, non-reversible function so as to not compromise the secret should one of them be leaked.
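The two schemes discussed in this thread, side by side, as an added example that is not part of either comment: plain secret+service concatenation, where one leaked plaintext password exposes the secret, and a one-way derivation. The function names, the choice of PBKDF2-HMAC-SHA256, the iteration count and the sample values are assumptions made for illustration.

```python
import base64
import hashlib
from typing import Optional

ITERATIONS = 200_000  # assumed work factor, chosen for this example only


def naive_password(secret: str, service: str) -> str:
    """Common secret + service name: the scheme the first comment warns about."""
    return secret + service


def secret_exposed_by_leak(leaked: str, service: str) -> Optional[str]:
    """What a single plaintext leak reveals when the password is secret + service."""
    if leaked.endswith(service) and len(leaked) > len(service):
        return leaked[: -len(service)]
    return None


def derived_password(secret: str, service: str, length: int = 20) -> str:
    """Per-service password from a one-way KDF, using the service name as salt.

    The output cannot be inverted to the secret, but a guessable secret can
    still be brute-forced offline from one leaked password; the work factor
    only slows each guess, so the secret itself must be high-entropy.
    """
    raw = hashlib.pbkdf2_hmac(
        "sha256", secret.encode(), service.encode(), ITERATIONS
    )
    return base64.urlsafe_b64encode(raw).decode()[:length]


if __name__ == "__main__":
    secret = "correct horse battery"             # constructed sample secret
    services = ["shop.example", "forum.example"]  # constructed service names

    for service in services:
        weak = naive_password(secret, service)
        strong = derived_password(secret, service)
        print(service)
        print("  naive leak exposes secret:", secret_exposed_by_leak(weak, service))
        print("  derived leak exposes secret:", secret_exposed_by_leak(strong, service))
```
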