Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check for duplicate / re-used passwords #22

Closed
matrss opened this issue Mar 3, 2021 · 1 comment
Closed

Check for duplicate / re-used passwords #22

matrss opened this issue Mar 3, 2021 · 1 comment

Comments

@matrss
Copy link

matrss commented Mar 3, 2021

Hey,
first of all, thanks for the great project!

I guess the title is pretty self-explanatory: it would be great if the passwords were also checked for duplicates, as it's best practice to not re-use passwords.

Off the top of my head and without diving into the codebase, I think this feature would pose 2 immediate challenges:

  1. All passwords need to be hashed upfront and kept in memory to provide somewhat reasonable speed. This might be an issue for VERY large password-store's, but should generally be fine and could also be opt-in/-out.
  2. What happens if only a subset of the password-store is audited. In this case, I think it's fine to also use the same subset to search for duplicates, as the user specifically requested not to touch the rest.
@roddhjav
Copy link
Owner

roddhjav commented Mar 3, 2021

Hi, it is a nice proposal. I will work on it once I get some time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@roddhjav @matrss