Password managers are not without security flaws, as seen in a recent high-profile breach. The database storing all the user's passwords is a very attractive target for hackers. Spectre is a new password manager that aims to solve this problem by using a unique password generation and management approach.

It sounds like a cool concept, but I can’t see anyone migrating to this service since there is no logical way to import your current passwords.

Am I missing something?

  • dudeami0@lemmy.dudeami.win
    1·
    1 year ago

    In practice, it’s a database that is regenerated on the fly. In a traditional database, it’s an encrypted file full of passwords. In the case of spectre it’s a key derivation function that regenerates the same password each time. From the perspective of a user or attacker, there is no real difference except maybe the resources used to regenerate the password.