Browse Source

update readme, fine-tune the secret length disclaimer on the app, and update the screenshot

forest johnson 1 year ago
parent
commit
59526c5253
3 changed files with 16 additions and 9 deletions
  1. 10 6
      ReadMe.md
  2. 6 3
      index.html.gotemplate
  3. BIN
      screenshot.png

+ 10 - 6
ReadMe.md

@ -43,21 +43,25 @@ It was designed that way to strengthen the claim that "everything it sends out f
43 43
44 44
 It will also work even if your device has no internet connection, of course any changes will not be sent to my server or to S3 until you can connect again.
45 45
46
 It uses a naive approach to keep all 3 data stores in sync: When writing, it will attempt to write to all 3 and tolerate failures. When reading, it will compare the `lastUpdated` timestamps on all versions that it received, and if they don't match, it will issue a `PUT` with the most up-to-date version.
46
 It uses a naive approach to keep all 3 data stores in sync: When writing, it will attempt to write to all 3 and tolerate failures. When reading, it will compare the `lastUpdated` timestamps on all versions that it received, and if they don't match or if one is missing, it will issue a `PUT` with the most up-to-date version.
47 47
48 48
 That means if you happen to make conflicting changes, there is no real conflict resolution. The latest one wins.
49 49
50 50
## Encryption Key User Interface Disclaimer
51 51
52
 You are allowed to use whatever seed you want for your AES key. If you pick a weak seed and get hacked, that is your fault. The application warned you about it. It was even red, bold and underlined!
52
You are allowed to use whatever seed you want for your AES key. If you pick a weak seed and get hacked, that is your fault. The application warned you about it. It was even red, bold and underlined!
53 53
54
 The application includes an HMAC-SHA256/mouse-movement based entropy generator to create a secure ~128 bit key, encoded in base 10,000. It will appear as a collection of a few english words/phrases. An example:
54
The application includes a timestamp + mouse-movement + SHA256 based entropy generator to create a secure ~128 bit key, encoded in base 10,000. It will appear as a collection of a few english words/phrases. An example:
55 55
56
 `bedrooms confirmation decor generic wondering temperatures bm retreat beer`
56
`bedrooms confirmation decor generic wondering temperatures bm retreat beer`
57 57
58
 Assuming you could use [top-of-the-line hardware](https://en.bitcoin.it/wiki/Mining_hardware_comparison) (A Bitmain Antminer S9 in this case), how long would it take to guess every possible combination of words? [A very, VERY long time](https://www.wolframalpha.com/input/?i=(10000%5E9)%2F(1.4e%2B13)+seconds+in+years)
58
Assuming the attacker had access to the ciphertext and could use [top-of-the-line hardware](https://en.bitcoin.it/wiki/Mining_hardware_comparison) (A Bitmain Antminer S9 in this case), how long would it take to guess every possible combination of words? [A very, VERY long time](https://www.wolframalpha.com/input/?i=(10000%5E9)%2F(1.4e%2B13)+seconds+in+years)
59 59
60
 For comparison, under the same scenario, a key with only 4 words would be cracked within **10 Minutes**.
60
For comparison, under the same scenario, a key with only 4 words would be cracked within **10 Minutes**.
61
62
Does that mean a key with 4 words is not secure enough? It might depend on the situation. 
63
64
Casual remote attackers probably won't have access to the ciphertext since they would have to look at your localstorage or guess a gazzillion things over HTTP. I just put a scary disclaimer on the app since I don't want to be holding people's weakly encrypted data.
61 65
62 66
## License
63 67

+ 6 - 3
index.html.gotemplate

@ -46,9 +46,12 @@
46 46
      Continue
47 47
    </button>
48 48
    <p class="instructions">
49
      This is an encryption key, not a password. Save it somewhere <u>secure</u> so you don't lose it. We can't recover it for you.<br/>
50
      This is the only thing protecting the data you enter here from being publicly avaliable, so it should be <u>extremely long and hard to guess</u>.<br/>
51
      It needs to be so long that even a supercomputer can't guess it. It should contain about 128 bits of entropy. If you are in doubt click generate.<br/>
49
      This is an encryption key, not a password. Save it somewhere <u>secure</u> so you don't lose it. <u>No one can recover it for you</u>.<br/>
50
      Unless you trust me and trust AWS, this is the only thing protecting the data you enter here from being publicly avaliable.<br/>
51
      If you are super paranoid, it needs to be so long that even a supercomputer can't guess it. <br/>
52
	  (about 128 bits of entropy, the generate button gives you that)<br/>
53
	  <br/>
54
	  If you trust me and you trust AWS, or you don't think anyone will be dusting off the ol' GPU farm to crack your passwords, then something like four words is probably fine.<br/>
52 55
      <br/>
53 56
      SEQUENTIAL READ PASSWORD MANAGER IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND. <br/>
54 57
      For more information see the <a href="https://github.com/sequentialread/password-manager/blob/master/LICENSE">LICENSE file</a> on GitHub.<br/>

BIN
screenshot.png