Hacker News new | past | comments | ask | show | jobs | submit login

As the other commenter pointed out, you need to carry your salt with you to deduce the actual password. On top of that, you need to keep your salt secret, otherwise it is trivial to deduce your password. So your system [password = hash(master password, salt, domain)] is exactly the same as a master password protecting several other ones. Just use your salt as a password directly at this point...



Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: