Sunday, July 14, 2019

Ask HN: Why shouldn’t I roll my own password manager?

Hi all! I’m currently working on a personal assistant bot (no 3rd parties involved, self hosted) that uses one SQLite file as its single source of truth. I would like to add password manager functionality to this so I can e.g. ask it to fill out online forms or save registration information. All passwords would be saved to the SQLite database hashed and salted with AES-256 and they’d need a master password (not stored anywhere) to be decrypted.

I know the golden rule is to not roll your own crypto, and I’m thinking this is somewhat adjacent to that. What does a password manager do in terms of security that I haven’t / can’t? Or am I on the right track and all password managers work in this same basic way?


Comments URL: https://news.ycombinator.com/item?id=20437090
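A sketch of the storage scheme the post describes, as an added example that is not part of the original post: the master password is stretched with scrypt into a 256-bit key, and each entry is sealed with AES-256-GCM so that a wrong password or a modified row fails to decrypt. The function names, scrypt parameters, and column layout are assumptions; the returned fields stand in for columns of the SQLite table.

```javascript
// Added example (not from the original post). Names and parameters are assumptions.
const crypto = require('node:crypto');

// scrypt cost parameters (assumed; tune to the host). About 32 MiB per derivation.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// One random salt per vault, stored in the clear next to the entries.
function newVaultSalt() {
  return crypto.randomBytes(16);
}

// Stretch the master password into a 256-bit key. Neither the password
// nor the derived key is ever written to the database.
function deriveKey(masterPassword, vaultSalt) {
  return crypto.scryptSync(masterPassword.normalize('NFKC'), vaultSalt, 32, KDF);
}

// Encrypt one secret. The returned fields are what would go into the row
// (site TEXT, nonce BLOB, ciphertext BLOB, tag BLOB).
function sealEntry(key, site, secret) {
  const nonce = crypto.randomBytes(12); // must never repeat under the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(site, 'utf8')); // binds the ciphertext to its site
  const ciphertext = Buffer.concat([cipher.update(secret, 'utf8'), cipher.final()]);
  return { site, nonce, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt one row. Throws if the key is wrong or any stored field was modified.
function openEntry(key, row) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, row.nonce);
  decipher.setAAD(Buffer.from(row.site, 'utf8'));
  decipher.setAuthTag(row.tag);
  return Buffer.concat([decipher.update(row.ciphertext), decipher.final()]).toString('utf8');
}

// Constructed sample values, not real credentials.
function demo() {
  const salt = newVaultSalt();
  const key = deriveKey('correct horse battery staple', salt);
  const row = sealEntry(key, 'example.com', 'hunter2');
  return openEntry(key, row);
}
```

Because the GCM tag covers the ciphertext and the site name, a failed `openEntry` cannot tell a wrong master password apart from a tampered row; both surface as the same error.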
