1. 3

I wanted something simple and self-contained with no external dependencies other than standard library.

Example usage:

$ p lobsters
wnii+IS1c1beokiD6X25

Functions are extracted from Django framework as they were speedier than other PBKDF2 implementations I tried.

In response to SGP, PwdHash, PassHash, Vault and others.

  1.  

  2. 1

    This is now available here:

    http://dl.ramov.com/p

    Rewritten in Perl with no external dependencies so it can be used directly on a fresh OpenBSD install.

    1. 1

      Isn’t it made much less secure by using a site-specific or otherwise guessable salt?

      1. 1

        It’s a trade-off. What’s appealing about this is that you only need to remember your master password and generate site-specific passwords from it on the fly. All the linked projects work the same. If you use a strong passphrase, it shouldn’t be an issue.

        I started off with SGP a while back, used Vault briefly and then migrated all my passwords to my own solution recently as I wanted to use it from the command line without any sort of setup. I.e. just fetch it from network on a clean install.

        You could also use trickier salts, but I don’t go to such lenghts.

        1. 2

          Oh, I didn’t realize this was a master-password thing. From your usage output it just looked like you give it a site name as a salt and it generated a random one-time password to be used on the signup page, to be stored somewhere else.

          1. 3

            Ah, forgot to paste in passphrase prompt, too bad I can no longer edit original submission. It was supposed to go like this:

            $ p lobsters
            Please enter passphrase:
            wnii+IS1c1beokiD6X25
            

            Thanks for noticing.