Restoring the generated password


Warning: count(): Parameter must be an array or an object that implements Countable in /home/styllloz/public_html/qa-theme/donut-theme/qa-donut-layer.php on line 274
0 like 0 dislike
6 views
I have an idea, echoes of which I met on habré under encryption. The idea of this. Create a closed shape, is only available to customers where the customer enters the name of a user and a machine generated password, which is generated from the name of the user. For example, he introduces pavel. The line passed through a few algorithms and given it a strong password type xA7$6!v1. If the customer loses the password — will generate again.

How safe is this idea? In addition, attackers could obtain the algorithms generate a password from the name, how great is the danger of obtaining a good name from the code? Is Le to do something like that?
by | 6 views

6 Answers

0 like 0 dislike
And that password does not change if the attacker recognized him?
by
0 like 0 dislike
The main thing is to make a complicated login, tipo D4^3fnbD#@fdsbseij#45@58*&@)(*kdfi
by
0 like 0 dislike
So, if I understand correctly your idea that wanting to access the account Paul I'll just have to go and generate a new password according to the word of pavel, right?
by
0 like 0 dislike
Well, what anyone would guess that you have such a system, is not very large.
\r
But not safe if people will guess, it can attract interest and he will be able to register a lot of ACC-s and solve your algorithm.
by
0 like 0 dislike
Read the hash algorithm SHA-1. You need to do something similar and more lightweight. Most importantly, to your function of generating passwords is not addressed.
The hash function is drawn, if the hash of the image, you can restore the original text.
\r
By the way, in Windows the passwords are not stored physically. When you specify a new password the system calculates a hash of the image and saves it. When you enter your password to authorize the system finds the hash for the entered password and compares with his. If the same, then the password is correct. And if an attacker will break the place of storage of passwords, except the hash image it won't find anything. And from the hash of the image, the password cannot be recovered, even if he's in ten times more of the password. Interesting, thing.
by
0 like 0 dislike
As a purely personal password generator all you can, but it is always necessary to understand
1) What is the procedure for "Incident response handling" for Your solution — what to do if a Fox came and something assembled
2) the Password for the authentication system is something that knows Mr. X and not Mr. Y. knows No options. If someone knows the algorithm used to generate the password, and guess the original data, then system — You.
by
110,608 questions
257,186 answers
0 comments
27,899 users