Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Except if your password gets compromised on two sites than hackers could identify the pattern and compromise every account you have.


Yes, but that is also the case if your password manager's password gets compromised.


that's a very very different scenario. your password manager's password is not sent over the wire, and you know it to have very secure hashing. it is stored only on your hardware

not so with external websites — if you use the proposed strategy on two websites with poor security (something which is completely opaque to you), your passwords are compromised.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: