
dicekeys | 5 years ago

The author of that post is on the DiceKeys advisory board.

At some point, you're going to feed the entropy source into software. Having the app be part of your trusted computing base reduces the chance of a data-entry error that could leave users forever without their data.


cactus2093|5 years ago

Feeding the entropy source into software might take many different forms depending on what the password is for (e.g. login/full disk encryption key on your computer, password manager master password, password to a specific online service, etc.). For most uses you'll have to enter it as text, and have to enter it multiple times, potentially on different devices that you are accessing the service on.

For almost any real-world use case, memorizing the password and typing it in on a keyboard is pretty much a necessity. There are many kinds of inputs that don't allow other software like DiceKeys to enter the secret, so I'd still definitely rather stick with the simpler, human-readable option.