[Passwordsafe-users] Rekeying or just password change?
Popular easy-to-use and secure password manager
Brought to you by:
ronys
Menu
▾
▴
[Passwordsafe-users] Rekeying or just password change?
|
From: MSBsDkiUHF M. <msb...@ho...> - 2009-12-10 12:59:22
|
Hi, Let's say that - at some point of time a password repository is stolen and the master password is either known or cracked.- to combat this, master password is changed Will the master password change the internal keying, e.g. future versions of the same repository aren't decrypted? I can think of a few ways this could be implemented, MASTER_KEY = hash(MASTER_PASSWORD).In this implementation, master key will change if MASTER_PASSWORD change. MASTER_KEY = noise xor hash(MASTER_PASSWORD).In this implementation master key could remain same upon password change (i.e. could be vulnerable) So, ... how is it? is rekeying implemented to combat "old version stolen and cracked" scenarios? _________________________________________________________________ Hitta hetaste singlarna på MSN Dejting! http://dejting.se.msn.com/channel/index.aspx?trackingid=1002952 |
