One issue I see with your hash is using it for sites that have piss-poor password policies, such as: your password can't be over X characters long, or it has to contain a letter, a number, and one of a limited list of symbols, etc. Your hash could possibly not match the requirements. What do you do in this case?
The final step of the hashing algorithm maps the resulting hash into a character string. The algorithm allows you to customise this mapping to use only a given subset of characters, or given length. Using this feature will require you to store this metadata in your state file, because you rarely get reminded of these password limitations at login, only at registration. Fortunately these sites are rare; the default policy of 8 characters with alpha + numeric + special – and the algorithm makes sure you have at least one of each – works fine for almost all sites.
With the first option, you introduce the need for some state information that you need to store and forever be able to retrieve (and possibly sync between your other devices). You now need a persistent database and you've lost any advantage over just encrypting random passphrases.
Well, maybe. But this state is not highly confidential so you can for example let Chrome store it in the cloud. In practice the number of times a password change is required is small (at least for me), so you can either brute force it (bump until you find the right password) or reset your password if this happens.
The second option starts to move you away from the simplicity of having a single passphrase to remember and eventually leads to just as complicated a situation as memorizing different passwords for different sites. What happens as the list of compromised accounts increases and some accounts are compromised a different number of times?
Again I see your point. But I've used this system for close to a decade now and I'm only using two master passwords so far. How many passwords have you memorised in the last ten years?
I should emphasise that I wouldn't recommend using this system for everything. I have a completely different set of passwords for banking, and servers I administer, and certain other high-security things. But for general web things I access from home and work, desktop and mobile, coffee shop and library, it works really well and addresses all of the real life threat scenarios I care about. Even if I have to register a throwaway account for a throwaway website, I can still give it a real, strong password that I can recover any time later, even if I don't remember registering for that site. (For full disclosure, the only time the algorithm actually fails is when a site keeps its user database but changes its domain. Then I'll have to remember to update the site tag to the old domain.)
Say there is a security breach and you are forced to update your password. With your hasher you now need to update every single site to use the new password.
No, you have at least two options:
1. Change the site tag. For example, on the Password Hasher Chrome extension, you can hit the "Bump" button which replaces "slashdot" with "slashdot:1" and gives you a new unique password. The new tag gets stored in the extension settings. I don't use this but it works, and would be good for sites that actually require periodic password updates.
2. Change your master password for that site only. I use a completely different master password for the two or three sites which I know may have been compromised. It's not hard to remember which ones these are.
True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm.
Exactly the same as an offline password manager, so no benefit.
Except this file does not need to be secure in any way.
It does. If someone has your salt and the URL of the site, and say that site gets compromised (...or they are the site owner...), then they have the hash of your hash too. Now they can brute force your master password, and then get into every other site you used it with, and your file has a handy list of URLs where it will work.
First of all, in practice I don't back up the settings file anywhere, as almost all sites work fine with the default settings and the ones that don't I either remember or just reset the password for if required.
Having said that, your point is valid but not an actual concern for me. If someone wanted to waste lots of CPU power brute forcing my (long, random, high security) master password, they probably could do so. But just never reusing passwords is generally enough to limit the damage of the inevitable database leaks and hacks, which is the actual, realistic threat we're dealing with here. Never using the same password twice is the most important protective measure you can take, and hashing is, imho, the most frictionless way to do it.
You could also choose to limit any potential damage by having a few master passwords for different classes of websites.
If an attacker steals your master password they still get everything.
True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm. Obviously keeping this one master password safe is extra important, but as you only need to remember one, you can probably afford to give it a bit more entropy.
Due to the requirement to meet password length and other requirements, and to allow for changing compromised passwords you still need a file containing those details. There is no benefit over simply encrypting that file with the master password.
Except this file does not need to be secure in any way.
Password managers seem like an inherently terrible idea, particularly online ones.
Can someone explain to me why password hashers are not more common? I've used one for years and really can't understand why nobody else does. Take the master password, append (a portion of) the site's domain name, and hash to arrive at a random password. There's only one password to remember, you get a unique strong password for every website, and everything can be done offline without storing anything anywhere. There are extra refinements to create new passwords to replace e.g. compromised ones, or conform to the site's password length and other requirements, but they are trivial. Extensions are available for browsers and mobiles.
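The scheme described in this comment, with the bump tag from option 1 above and the charset/length mapping mentioned in reply to the password-policy question, as an added worked example. This is illustrative code written for this page, not the Password Hasher extension's own algorithm: the function names, the per-site override table, the special-character set, and the choice of PBKDF2-HMAC-SHA256 with 200,000 iterations as the one-way hash are all assumptions made here.

```python
import hashlib
import hmac
import string

# Added example of the "password hasher" scheme discussed in the thread:
# master password + site tag -> one-way hash -> per-site password. Illustrative
# code, not any extension's real implementation; the function names, the use of
# PBKDF2-HMAC-SHA256, and the iteration count are assumptions made here.

LOWER, UPPER, DIGITS = string.ascii_lowercase, string.ascii_uppercase, string.digits
SPECIAL = "!@#$%^&*"  # assumed special-character set
DEFAULT_CHARSET = LOWER + UPPER + DIGITS + SPECIAL


def site_tag(domain: str, bump: int = 0) -> str:
    """Site tag as in the thread: 'slashdot' becomes 'slashdot:1' after a bump."""
    return domain if bump == 0 else f"{domain}:{bump}"


def _byte_stream(key: bytes):
    """Unbounded deterministic byte stream expanded from the derived key (HMAC in counter mode)."""
    counter = 0
    while True:
        yield from hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1


def _pick(stream, alphabet: str) -> str:
    """Unbiased choice from `alphabet` via rejection sampling on stream bytes."""
    limit = 256 - (256 % len(alphabet))
    while True:
        b = next(stream)
        if b < limit:
            return alphabet[b % len(alphabet)]


def derive_site_password(master: str, tag: str, length: int = 8,
                         charset: str = DEFAULT_CHARSET, require_classes: bool = True,
                         iterations: int = 200_000) -> str:
    """Map hash(master, tag) onto `length` characters of `charset`.

    A slow KDF (PBKDF2) is used instead of a plain hash so that someone holding one
    leaked site password plus the tag cannot cheaply brute-force the master password.
    """
    key = hashlib.pbkdf2_hmac("sha256", master.encode(), tag.encode(), iterations)
    stream = _byte_stream(key)
    pw = [_pick(stream, charset) for _ in range(length)]
    if require_classes:
        # Only classes the charset actually allows can be required.
        classes = [[c for c in cls if c in charset] for cls in (LOWER, UPPER, DIGITS, SPECIAL)]
        classes = [c for c in classes if c]
        if length < len(classes):
            raise ValueError("length too short to contain one of each required class")
        # Class k owns slot k; a slot fixed for class k is never overwritten by another
        # class, so the loop runs at most len(classes) times.
        while True:
            missing = [k for k, cls in enumerate(classes) if not any(ch in cls for ch in pw)]
            if not missing:
                break
            k = missing[0]
            pw[k] = _pick(stream, "".join(classes[k]))
    return "".join(pw)


# Per-site overrides are the only state the scheme needs, kept just for the few
# sites with unusual rules (constructed sample entries).
SITE_OVERRIDES = {
    "example-bank.test": {"length": 12, "charset": LOWER + UPPER + DIGITS},
    "pin-only.test": {"length": 6, "charset": DIGITS},
}


def password_for(master: str, domain: str, bump: int = 0) -> str:
    """Derive the password for `domain`, applying any stored override and bump count."""
    opts = SITE_OVERRIDES.get(domain, {})
    return derive_site_password(master, site_tag(domain, bump), **opts)


if __name__ == "__main__":
    m = "correct horse battery staple"  # constructed master password
    print(password_for(m, "slashdot.org"))          # default 8-char, all four classes
    print(password_for(m, "slashdot.org", bump=1))  # new password after a "bump"
    print(password_for(m, "pin-only.test"))         # 6-digit PIN from the override table
```

Nothing here needs to be stored except the override table and any bump counts, which matches the thread's point that the state file holds only policy metadata, not secrets. The rejection sampling in `_pick` avoids the modulo bias a naive `byte % len(charset)` mapping would introduce, and the slow KDF is the caveat to keep in mind from the brute-force objection raised further up: if the hash is fast, a leaked site password makes the master password an offline guessing target.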
To be fair, it's not complex, it's imaginary.
If you want to be a smartarse about it, get it right. Imaginary numbers are complex numbers whose real part is zero.
The software version "3i" is affected.
As a general rule, when your version numbering system needs to use complex numbers, something's going wrong with your project.
Why would you think it's too non-PC? As good skeptics, they go where the evidence leads. Overdiagnosis is a well known thing in skeptical circles.
As for annual physicals, I'm pretty sure that's only a thing in countries with privatised healthcare. I don't think the NHS has ever proposed such a thing.