Re: [Passwordsafe-devel] new 1.92 features
Popular easy-to-use and secure password manager
Brought to you by:
ronys
From: Jim R. <jru...@us...> - 2003-05-09 03:36:33
|
> Like you, I don't know if your scheme is sound. However to quote a friend, > "Bruce Schneier's 'yarrow' entropy/RNG algorithm was created by people a lot > smarter than me on this subject, and peer-reviewed by other people much > smarter than me on this subject." John Kelsey's 'yarrow', to be precise. He did most of the heavy lifting on that one. For the purposes of pwsafe, it's really overkill. Just capture some entropy (pop up a dialog box saying "move the mouse around" and capture coordinates), hash it up with SHA-1, and use that to generate the password. Sometimes good enough is good enough. Jim R |