I’m using KeePass currently, since I don’t really want to use anything publicly hosted. But I was curious to see what other people have been using!
I rolled my own, actually. I don’t store any passwords (even encrypted). Instead, I just append the site name to my base password (which is in my head), hash it, and base-52 it. (I also start each password with the same uppercase letter, lowercase letter, punctuation mark, just to ensure it gets past any bullshit filters)
I like that there’s nothing that can be leaked (except what’s in my head) and nothing to be lost and nothing to back up.
Can you please elaborate on each step? I’m not sure on the hash and base52 - do you use a program you’ve written to do that for you? A simple example would be fantastic.
Yeah I wrote the code for it. It’s simple enough that I could write it again if needed.
By “hash” I mean SHA256 (though if I were to do it all again, I would probably use a different hash algorithm these days, but whatever, good enough). “base52” means turning the SHA256 binary code into a sequence of letters/digits. That part I wrote, too, but it’s quite straightforward.
Quite similar to what Masterpasswordapp does!
That’s ingenious.
Can you elaborate on a detail for me?
I understood everything up to “base-52 it.”
I understand how converting base-10 to base-52 works, but that doesn’t include alphabetical characters. What are you converting from? Are you numbering A=1, B=2, C=3…?
Sorry I just realized I should have said base 62. That’s all the letters and numbers, plus digits, too.
The hashing step gives you a binary sequence, so you’re actually converting from base 2, not from base 10. You treat the result of the hash as a giant binary integer and then repeatedly divide by 62, keeping track of the remainder. 0 = 0, 1 = 1, …, 9 = 9, 10 = a, 11 = b, …, 36 = z, 37 = A, 38 = B …, 61 = Z
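The derivation described in this thread, as an added example (not the commenter's own code): SHA-256 of the base password plus the site name, read as one big integer and converted to base 62 by repeated division. The digit order 0-9, a-z, A-Z (so z = 35 and Z = 61), the `Aa!` prefix, the 20-character truncation and the PBKDF2 variant are assumptions; the slow variant is included because a single leaked site password otherwise lets base-password guesses be checked at plain SHA-256 speed.

```python
import hashlib
import string

# Digit alphabet (assumed order): 0-9, then a-z, then A-Z, 62 symbols in total.
ALPHABET = string.digits + string.ascii_lowercase + string.ascii_uppercase
PREFIX = "Aa!"   # constructed: fixed upper, lower, punctuation for composition rules
MAX_DIGITS = 43  # 62**43 > 2**256, so a 256-bit digest never needs more digits


def to_base62(n: int) -> str:
    """Repeatedly divide by 62, keeping each remainder as one output digit."""
    if n == 0:
        return ALPHABET[0]
    digits = []
    while n > 0:
        n, rem = divmod(n, 62)
        digits.append(ALPHABET[rem])  # least significant digit comes out first
    return "".join(reversed(digits))


def _encode(digest: bytes, length: int) -> str:
    # Treat the digest as one big-endian integer, pad to a fixed width, and keep
    # the low-order digits (the top digit of a 256-bit value is not uniform).
    encoded = to_base62(int.from_bytes(digest, "big")).rjust(MAX_DIGITS, "0")
    return PREFIX + encoded[-length:]


def site_password(base: str, site: str, length: int = 20) -> str:
    """Scheme as described in the thread: SHA-256(base + site), then base 62."""
    digest = hashlib.sha256((base + site).encode("utf-8")).digest()
    return _encode(digest, length)


def site_password_slow(base: str, site: str, length: int = 20,
                       iterations: int = 600_000) -> str:
    """Same encoding behind a slow KDF (assumption: PBKDF2-HMAC-SHA256, site as salt)."""
    digest = hashlib.pbkdf2_hmac("sha256", base.encode("utf-8"),
                                 site.encode("utf-8"), iterations)
    return _encode(digest, length)


if __name__ == "__main__":
    # Constructed inputs, for illustration only.
    print(site_password("correct horse battery", "example.com"))
    print(site_password_slow("correct horse battery", "example.com"))
```

Both functions are deterministic, so the same base password and site name always reproduce the same site password and nothing has to be stored.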