homakov
commented
7 years ago 1) it's not correct that passwords suck. Existing password derivations suck. If we take scrypt at 20,100 even something like 123457 gets impossible to bruteforce. Currently we use 18,6 for the starter and it will get stronger once we implement more close-to-metal algorithm.
There never will be key material because it's another headache for the user and for the central authority that stores it. No way.
2) you're right, i really like this slideshow https://www.facebook.com/about/basics/stay-safe-and-secure/passwords wanna implement first 4 slides above login window.
3) how should it be encrypted? it's a long thread over there, can you highlight key points (that are new to me?) Btw just wrote another post why not https://medium.com/@homakov/why-you-shouldnt-worry-about-the-jaxx-hack-6344a4c4a11
haraldkoch
Deterministic keypair derivation: I get that the idea is to avoid having another file that you must keep secure, but it is well proven that passwords suck. You could have the same smooth integration with a truly random per-device private key. Can even reuse code from PGP and/or SSH keys.
Writing down password: https://securelogin.pw/ says "Make sure you write down your master password" - y'know, that thing that you are NEVER supposed to do. Why would you advocate this?
Plaintext private key: In issue #16, it was stated "Users are encouraged to use full disk encryption and a passcode on their devices. Apps are not responsible for this." - encouraging is not enough. We've been through this with FileZilla, who had to give in after 9 years: https://trac.filezilla-project.org/ticket/2935 - Encrypting the private key does help, as it prevents random malware from making use of the file while the filesystem is unlocked.