Split secrets by hand

They say that the formula for Coca-Cola is split among the company’s executives, so that a certain number of them have to get together in order to reconstruct it. The same is true of the nuclear launch codes, which require several persons to agree. I just ran into a clever way to do this with pencil and paper, and couldn’t resist improving on it. Read More

4 cool features in SynthPass

This post is motivated by Aaron Toponce’s comment on my previous article on the release of SynthPass. Rather than giving a short reply, I decided this was the opportunity to explain certain features of my recently released SynthPass password generator. In essence, the comment said that password generators will never be appealing to consumers because of certain flaws emanating from their very nature, which are aptly described in this article, entitled “4 fatal flaws in deterministic password managers,” published November 2016 in Tony Arcieri’s blog.

Read More

My encryption apps updated

PassLok Privacy, PassLok for Email, SeeOnce, and URSA, both in their standalone and extension versions, have all been updated. Besides the usual bug squashing, there are two more significant enhancements:

  1. Fewer errors, which now cause the programs to return to the user rather than interrupt execution. A subtle but maybe important difference, especially for the extensions.
  2. Enhanced password/Key entry. The “Show” checkbox is gone, replaced by a standard “eye” icon on the right of the box. There is also a mnemonic “Hashili” word accompanying the strength score, so users can be reassured that they typed their password or Key correctly.

Read more for a fuller description of Hashili. Read More

Which password generator is the best?

September 2018. You see your user ID listed as having its login compromised in a recent hack. You know you need to change your password but don’t don’t want to (or just can’t) remember yet another different one. Everybody is talking about password managers as the way to go, but you also heard about password generators, which make passwords on the fly rather than store them. You suspect that’s better than a conventional password manager. Read More