item 8047362

vrikis | 11 years ago

(unfortunately) The more I think about this, the more flaws I find... I looked through pastor.py and essentially you're just creating a different password. There's no difference between using this generated password and another password (you could argue that the generated password is harder to brute force, but that's it really).

watwut | 11 years ago

"The generated password is also site-unique and thus leaves you more resilient against sites losing their password databases or being outright malicious"

Assuming this tool would become popular, I do not think it would make any difference in the scenario you described. If I know that a lot of people use this to generate their passwords, I can:

* guess the door id (e.g. facebook or fb for facebook.com),

* concatenate it to usual attack guess,

* hash the result one more time and continue in exactly the same way as usually.

Bonus for the attacker: if any of the password databases leaks and the attacker manages to acquire your passphrase the above way, he needs only a few door id guesses to get access to any of your accounts.
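The three-step attack above, and the "bonus" pivot, as an added worked example (not part of the thread and not pastor.py's code). It assumes a generator of the form hash(passphrase, door) truncated to a password, which is a stand-in for whatever pastor.py really does; the site-side salted hash, the wordlist, the door-id guesses and the victim's passphrase are all constructed for the demo. The point it makes concrete is the cost: cracking a leaked hash of a derived password is an ordinary dictionary attack multiplied by the handful of door-id guesses, and once the passphrase falls out, every other account of that user costs one more door guess.

```python
import hashlib
from itertools import product

# ASSUMPTION: a deterministic generator that hashes passphrase and door id
# together. This is an illustration of the scheme the thread discusses, not
# the real pastor.py algorithm.
def derive_site_password(passphrase: str, door: str) -> str:
    digest = hashlib.sha256(f"{passphrase}\x00{door}".encode()).hexdigest()
    return digest[:16]

# What a site stores: a salted hash of whatever password it was given. Plain
# SHA-256 is a constructed stand-in; the attack is the same for any site-side
# hash, only slower or faster.
def site_hash(password: str, salt: bytes) -> bytes:
    return hashlib.sha256(salt + password.encode()).digest()

def crack_leaked_hash(leaked_hash: bytes, salt: bytes, wordlist, door_guesses):
    """Dictionary attack with the door id folded in.

    Each candidate is derive(word, door) rather than word, so the search space
    is len(wordlist) * len(door_guesses): the door id adds a small constant
    factor, not a second secret. Returns (passphrase, door, attempts) or None.
    """
    attempts = 0
    for word, door in product(wordlist, door_guesses):
        attempts += 1
        if site_hash(derive_site_password(word, door), salt) == leaked_hash:
            return word, door, attempts
    return None

def pivot_to_other_sites(passphrase: str, door_guesses):
    """The 'bonus': with the passphrase known, every other account is one
    door-id guess away, no further cracking needed."""
    return {door: derive_site_password(passphrase, door) for door in door_guesses}

# Constructed scenario: weak passphrase, obvious door id, one site leaks.
USER_PASSPHRASE = "letmein"
USER_DOOR = "fb"
SALT = b"\x13\x37salt"
LEAKED_HASH = site_hash(derive_site_password(USER_PASSPHRASE, USER_DOOR), SALT)

WORDLIST = ["123456", "password", "letmein", "qwerty"]  # constructed, tiny
DOOR_GUESSES = ["facebook", "facebook.com", "fb"]      # constructed

def demo():
    """Crack the leaked hash, then pivot to accounts that never leaked."""
    hit = crack_leaked_hash(LEAKED_HASH, SALT, WORDLIST, DOOR_GUESSES)
    if hit is None:
        return None
    passphrase, door, attempts = hit
    others = pivot_to_other_sites(passphrase, ["twitter", "gmail", "github"])
    return passphrase, door, attempts, others

if __name__ == "__main__":
    print(demo())
```

With four words and three door guesses the passphrase is recovered in nine hashes; a real wordlist and a real site-side hash change the numbers, not the shape. The derived passwords are unique per site, so a leaked hash does not directly unlock another site, but that uniqueness buys nothing against an attacker who models the generator, which is the point of the comment above.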

ygra | 11 years ago

That's the usual purpose of a password manager. Freeing you from having to remember long and/or complex passwords so you can effortlessly have stronger passwords and more convenience (also different passwords for different services without having to remember them all).

Keep in mind that this is something for personal use to retrieve passwords used somewhere, not for storing passwords for users within a service (at least your confusion sounds like you might be confusing those two things).

Anderkent | 11 years ago

The problem is that the 'door' is your password now - you have to remember all the different doors, or use a password manager to store them for you... But then why not just keep the actual passwords in the manager?

tekacs | 11 years ago

The generated password is also site-unique and thus leaves you more resilient against sites losing their password databases or being outright malicious, but the rekeying problem in the grandparent post is a major (essentially fatal) downside.