Is there a way to generate passwords that:

* can be generated with the same result, given a reasonable amount of time, by a human with pen and paper,
* is easy enough to remember the formula if no access to hashing functions,
* and has enough entropy to reasonably resist brute force attacks

Remembered somebody who lost access to all their accounts after losing their entry to their pw manager, and saw this repo (github.com/lesspass/lesspass) to generate passwords without storage and was wondering about going one step further to remove the computer altogether.

Follow

If to a computer, a generated password from a well-made human algorithm is more or less as random as a pseudo-random series of characters, then it seems that the key to maintaining the security is never letting the actual algorithm leave your brain.

· · Web · 1 · 0 · 0

Like the benefit of a human algorithm is there are more or less zero dependencies, assuming you can memorize the algorithm well enough or have a safe place to keep good obfuscated notes. The drawback is that it takes you like 10 minutes to generate every password.

Sign in to participate in the conversation
Merveilles

Revel in the marvels of the universe. We are a collective of forward-thinking individuals who strive to better ourselves and our surroundings through constant creation. We express ourselves through music, art, games, and writing. We also put great value in play. A warm welcome to any like-minded people who feel these ideals resonate with them.