I have to yet read up if it is safe to use
with a single key, i.e. encrypting n passwords with the same secret key.

Make sure to use salting in this case. Otherwise using the same password for multiple sites/keys would be visible.

You also want to hide the keys themselves to protect your password storage from profiling attacks. For example encrypt a dictionary that maps the real key to some randomized filename where the encrypted password is stored). I've done something like this with horrible shell scripting and using gpg for encryption:


Reply via email to