A new way to deal with passwords. Facts Derived Passwords.
PROBLEM
I want to have unique strong passwords for every sites that I register. But, remembering them is hard.
Password managers are a possible solution.
But I don’t like relying on some service and database.
My mind is uncomfortable thinking “What if that site went down?”
😧
So, I came up with Facts Derived Passwords
What is FDP?
Facts Derived Passwords (FDPs) are the passwords derived from,
- Public Facts (email, domain and id)
- Private Facts (master password)
It mashes up all the facts into a single string using the AES encryption algorithm, to use it as a password. So, its not stored in a database.
Internet isn’t needed to generate FDPs.
All you have to remember is the master password.
All other stuff are not secrets (including algorithm).
How to use FDP?
Registering/logging in,
Go to the FDP generator;
Enter your email;
Enter the domain of the site that you are registering/logging in;
Enter 0 as ID;
Generate FDP and use that as password;
Changing passwords,
Go to the FDP generator;
Increment the ID by one;
Generate FDP;
change the password of the site to the new FDP;
Don’t forget to note down the ID of the FDP that’s currently used in a site, and use it when you are generating FDP to log in. Its not a secret. so, you can store it in google drive or something.
AND I plan on making a chrome extension for FDP generation in future.
Good luck for dealing with passwords.