matlab - Deterministically generating secure passwords using a publicly visible function -

-

i avoid storing list of passwords, instead reliably regenerate them using publicly visible matlab function. function takes secret key, not stored anywhere, set seed of random number generator.

is secure approach regenerate account passwords need them? secure mean, more vulnerable knowing secret key is?

% start blank slate clear clc  % {url, #symbols, #upper, #lower, #numbers} accounts = { ...     'www.foo.com', [3,3,3,3]; ...     'www.bar.com', [0,4,4,4]; ...     'www.box.com', [0,2,3,2]; ...     }; key = input('secret key: ', 's'); acc = input('account name (url): ', 's'); % clear display clc  % allowed characters s = { ...     '@#$%&*=+'; ...                 % symbols     'abcdefghjkmnpqrstuvwxyz'; ...  % upper     'abcdefghjkmnpqrstuvwxyz'; ...  % lower '123456789' };                  % numbers  % find matching accounts idx = strfind(accounts(:,1), acc);  % generate password each matching account j = 1:length(idx)     if isempty(idx{j})         % skip if there no matching account         continue     end      % salted random number generator seed     rng(sum([key, ': ', accounts{j,1}]), 'twister');      ns = accounts{j,2};     n = sum(ns);      % construct password     p = '';     k = 1:length(s)         v = s{k};         p = [p v(randi(length(v),1,ns(k)))];     end     p = p(randperm(n));     fprintf('password %s %s\n', accounts{j,1}, p) end  % clear variables safety clear

for example, prototype above results in

password www.foo.com q*pzry4@8%3f password www.bar.com 8nz8nwa6c8am password www.box.com wuw3bn9

every time run matlab code input:

secret key: mysecretkey account name (url): www

nice program, weakest point not algorithm, way use it.

obviously not secure type/print passwords in matlab command window. log files kept , somehow scraped password. fact password visible @ time relevant weakness if use outside own home.

the secret key can remain invisible passwordentrydialog. if want use generated pass need either observe visually or put on clipboard. either may not nice in public areas.

from technical point of view possible if put on shelf few years, matlab may not able generate same random numbers anymore. if check whether works in new version before uninstall old 1 should fine.

all in make fine mechanism home use, if can remember lot of individual passwords definately safer. note there several free services available can store passwords (protected master password).


Comments

Post a Comment

Popular posts from this blog

javascript - DIV "hiding" when changing dropdown value -

-
this related previous question asked: hide / show multiple divs i have code in place previous question , seems work ok apart when change value in dropdown "after" ticket selection made. i have number of javascrpts in place wondering if there clash somewhere? first bit of code in head of document. <head> <script type="text/javascript"> $(function() { $('.cat_dropdown').change(function() { $('#paymethod').toggle($(this).val() >= 2); }); }); </script> <script type="text/javascript"> $(document).ready(function () { $(".paymentmethod").click(function () { $(".paymentinfo").hide(); switch ($(this).val()) { case "credit card authorisation": $("#pay0").show("slow"); break;
Read more

Does Firefox offer AppleScript support to get URL of windows? -

-
i trying write applescript that, among other things, gets url of every open webpage in firefox. in safari (and chrome), done simply: tell application "safari" return url of every tab in every window however, seems me firefox offers no real applescript support, such getting url of tab or window. when google terms "firefox" , "applescript" together, firefox bug requests asking applescript support restored, last updated in 2010 or 2011 (like this , this ). am right in thinking, then, firefox no longer offers proper applescript support? realize there semi-workarounds, such simulating key-commands in applescript, aren't practical purposes. to see of applescript commands firefox responds to, launch applescript editor, select menu file > open dictionary... , , choose firefox application. you'll find you're expecting: firefox doesn't offer useful applescript commands.
Read more

android - How to install packaged app on Firefox for mobile? -

-
how test-install packaged (zip) app on fennec? device: physical android phone or android emulator, don't care. install mozilla-apk-cli using npm: npm install -g mozilla-apk-cli use generate "debuggable" apk app either source directory or url mini-manifest: mozilla-apk-cli /path/to/source/dir/ arbitrary-name.apk mozilla-apk-cli http://example.com/path/to/mini/manifest.webapp arbitrary-name.apk (context-click > inspect element on "free" button in marketplace discover mini-manifest url app in marketplace.) install apk on android device: adb install -r arbitrary-name.apk launch app on device. notification area notification port remote debugger server listening on. forward port on desktop, f.e. if port 12345: adb forward tcp:12345 tcp:12345 go web developer > connect… in firefox on desktop , connect localhost @ forwarded port. commence debugging! notes: use nightly builds of fennec best experience. bug 929382 tracks
Read more