Am I misunderstanding something or is this not just replacing one password with two salts and another password? What benefits would this have over just generating a password?
You would, in theory, just need to remember your one strong password, like with a password manager (except 2fa and such). The benefit is that you don't need to store anything, just remember your master password and the "salts" are obvious to you, but an attacker with the clear text password would not be able to differentiate a random password to a pashword result. From the generation time and cpu usage on pashword I'd also guess bruteforce is very hard even if you would know it's generated.
YellowTech|3 years ago