passmass
passmass copied to clipboard
Security issue: using HMAC on the passphrase directly is brute-forcable
I only briefly looked at the code after seeing it on lobste.rs, but it appears that this uses HMAC with a passphrase as the key directly.
If you can get a user to register for 1 website, an attacker can then brute-force HMAC key, and compute the password for all other websites.
Having a human-memorizable passphrase used directly as an hmac key is not secure. If you want to continue on this approach, you must use some kind of password-based key derivation function, such as scrypt.
thanks for your advice, I will definitely take it into account