lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 6 May 2014 14:03:06 -0700
From: "Dennis E. Hamilton" <>
To: <>
Subject: RE: [PHC] Hashing password while typing

Overlapping hashing and keystroke entries also doesn’t work well when a password is copy and pasted into the entry from a password safe via a clipboard.
This seems to have a limited use case when keystrokes are being entered to a local application (or a terminal session) and processed individually as received.  That’s not exactly the common case, especially in GUI settings and use of form fields.  
-   Dennis
From: Bill Cox [] 
Sent: Tuesday, May 6, 2014 07:55
Subject: Re: [PHC] Hashing password while typing
On Tue, May 6, 2014 at 10:43 AM, Thomas Pornin < <> > wrote:
Thus, I don't exactly understand what you are trying to say here.

        --Thomas Pornin
Well, I did call it a "dumb" idea :-)  I get inflicted with them a lot.  I agree... it doesn't seem like there's much to be gained with such an approach.  I was hoping someone might see a way to get around the precomputed prefix problem.  I haven't found one.

Content of type "text/html" skipped

Powered by blists - more mailing lists