# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 15
# self = https://watcher.sour.is/conv/px7hsvq
interesting take on managing passwords π PBKDF2 is not a new concept though π
interesting take on managing passwords π PBKDF2 is not a new concept though π
Many, many, many versions like this have been around for a long while. This one is further complicated for no reason: everything it does it can be done in the browser, with JS.
It was good then, but it doesn't adapt well to newer times. No support for OTP. No autofills. Meh.
Many, many, many versions like this have been around for a long while. This one is further complicated for no reason: everything it does it can be done in the browser, with JS.
It was good then, but it doesn't adapt well to newer times. No support for OTP. No autofills. Meh.
@david good point, it is feature lacking. I think it will be handy for the use cases @carsten has pointed out.
Add the computed password to your current manager for BAU features whilst having the ability to compute the password anywhere, for those use case credentials.
@deebs @david Do you think an implementation like LessPass with all the required UX improvements would be a useful addition in general? π€ It _might_ be easier to get folks like my wife to use this over an actual password manager? π€ I agree it has to have auto-fill (browser extension) and a mobile app and OTP. But other than that the basic cryptographic primitives behind this seem rather solid. π
@deebs @david Do you think an implementation like LessPass with all the required UX improvements would be a useful addition in general? π€ It _might_ be easier to get folks like my wife to use this over an actual password manager? π€ I agree it has to have auto-fill (browser extension) and a mobile app and OTP. But other than that the basic cryptographic primitives behind this seem rather solid. π
@prologic to keep things simple, perhaps an auto-fill browser extension which automatically uses the URL FQDN as a realm (to remove manual realm input each time) and securely stores the master password so theres no user input.
@deebs It would need to store a counter too so you can change the password, but yeah otherwise that sounds like a solid design π
@deebs It would need to store a counter too so you can change the password, but yeah otherwise that sounds like a solid design π
@carsten Nothing. I use pass -- The Standard UNIX Password manager as well as the Go rewrite/port gopass
I have no issues with either, I use them both.
It's getting others to get into a healthy security hygiene.
@carsten Nothing. I use pass -- The Standard UNIX Password manager as well as the Go rewrite/port gopass
I have no issues with either, I use them both.
It's getting others to get into a healthy security hygiene.
@prologic I use Dashlane on a family plan but getting my fiancΓ© to use it as well (as opposed to Chrome's built-in password management) is an uphill battle π