Password managers are not without security flaws, as seen in a recent high-profile breach. The database storing all the user's passwords is a very attractive target for hackers. Spectre is a new password manager that aims to solve this problem by using a unique password generation and management approach.
It sounds like a cool concept, but I can’t see anyone migrating to this service since there is no logical way to import your current passwords.
If one password is leaked, it should let you change the key for just that one service. Eventually, you could have a bunch of different keys for different service. But then you will need some manager for remembering all those different secrets. Yay!
I see they have a counter that maybe you can set? Then I guess you just need a manager to store the counters, which seems fundamentally the same
See my response a few comments down this thread. I found the counter and password-template too. I don’t have an iphone so I can’t test the app, but I very much think this app stores the ‘settings’ (counter, template) to generate the password. Based on what the api and CLI can do… it has to, surely. It also has the ability to retrieve a custom password.
Of course the webapp in the link doesn’t do all of that. You’re stuck with 1 password in 1 format. Unless you change your secret and then all your passwords change.
If one password is leaked, it should let you change the key for just that one service. Eventually, you could have a bunch of different keys for different service. But then you will need some manager for remembering all those different secrets. Yay!
I see they have a counter that maybe you can set? Then I guess you just need a manager to store the counters, which seems fundamentally the same
See my response a few comments down this thread. I found the counter and password-template too. I don’t have an iphone so I can’t test the app, but I very much think this app stores the ‘settings’ (counter, template) to generate the password. Based on what the api and CLI can do… it has to, surely. It also has the ability to retrieve a custom password.
Of course the webapp in the link doesn’t do all of that. You’re stuck with 1 password in 1 format. Unless you change your secret and then all your passwords change.