[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Release of version 2.3.2 of gnu-pw-mgr

From: Bruce Korb
Subject: Release of version 2.3.2 of gnu-pw-mgr
Date: Sat, 30 Jun 2018 15:12:01 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

GNU gnu-pw-mgr "manages" passwords by re-computing them on demand.
It does an sha256 sum of a long, unguessable string stored in a
protected file conjoined with a never-recorded private permutation of
a domain name.  The result is cropped and twiddled in repeatable ways
to satisfy the password requirements of the intended web site.
By basing the check sum on a permutation of a domain, it winds up
easier to have different passwords for different domains than to
overuse a single password.

Since its initial release, none of the algorithms have changed, so
previously created passwords will still be produced by this modified

New in 2.3.2 - June 2018
replaced --use-pbkdf2 with --rehash and constrain values to 1 to 100,000.
--no-pbkdf2 is deprecated.

The new password formatting option "no-sequence" did not quite work.
Fixed now. Chase Bank will not tell me if my algorithm is correct.
I think it is, but they will not confirm. It is proprietary information.
If you get a conflict, change the --rehash value. And let me know :).

The password modification date is now monitored. The assumption is
that since changes to "--rehash" create a new password, then the date
of changing that is the date of the last change.

The answers to security questions have changed. The original variation
is still printed out, but they change every time you change your
password.  The new variation is based strictly on the password id and
the question itself. Consequently, changing the --rehash value has no

online docs:
gnu-pw-id home:
primary ftp:
bug reports:     bug-gnu-pw-mgr at the usual GNU domain
bug archive:
maintainer:      Bruce Korb - bkorb at the usual GNU domain

reply via email to

[Prev in Thread] Current Thread [Next in Thread]