efchatz / pandora

A red team tool that assists in extracting/dumping master credentials and/or entries from different password managers.

support for sphinx

stef opened this issue · comments

author of sphinx here. would love to have sphinx covered by your tool: https://github.com/stef/pwdsphinx/ - and the addons https://github.com/stef/websphinx-firefox and https://github.com/stef/websphinx-chrom

Hello, I will take a look and if the manager stores credentials in plaintext format and there is a way of extracting the data, I will include it in the tool.

Thank you for the suggestion.

there are no plaintext credentials. it computes an OPRF(k,masterpassword) = output_password. and the oprf is basically hash(masterpassword || hash(masterpassword)*k) - where * is a scalar multiplication on the curve 25519, k is in a remote compartment - a server on the internet, or a dedicated hw device.

If the credentials are encrypted at all times, there is no way to dump them. So, this password manager cannot be included in the tool.
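The OPRF exchange described in the thread, as an added Python example that is not code from pwdsphinx or pandora: the client blinds the hashed master password, the remote side multiplies by `k`, and the client unblinds and hashes, so neither side stores the output password. The function names, the try-and-increment hash-to-curve step and SHA-256 as the outer hash are assumptions made for illustration.

```python
import hashlib, secrets

P = 2**255 - 19                                       # curve25519 field prime
L = 2**252 + 27742317777372353535851937790883648493   # prime subgroup order
A24 = 121665

def ladder(n, u):
    """x-only Montgomery ladder (RFC 7748 formulas, no clamping): x(n*Q) from x(Q)."""
    x1, x2, z2, x3, z3 = u, 1, 0, u, 1
    for t in reversed(range(256)):
        bit = (n >> t) & 1
        if bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
        if bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
    return x2 * pow(z2, P - 2, P) % P

def hash_to_point(pw):
    """Assumed, simplified hash-to-curve: try-and-increment, then clear the cofactor."""
    u = int.from_bytes(hashlib.sha512(pw).digest(), "little") % P
    while True:
        v = (u**3 + 486662 * u * u + u) % P
        if u and pow(v, (P - 1) // 2, P) == 1:   # on the curve, not its twist
            q = ladder(8, u)
            if q:
                return q
        u = (u + 1) % P

def client_blind(pw):
    r = secrets.randbelow(L - 1) + 1             # fresh blinding scalar per request
    return r, ladder(r, hash_to_point(pw))       # only this blinded value leaves the client

def server_evaluate(k, alpha):
    return ladder(k, alpha)                      # remote side never sees the password

def client_finalize(pw, r, beta):
    n = ladder(pow(r, -1, L), beta)              # unblind: x(k * H(pw))
    return hashlib.sha256(pw + n.to_bytes(32, "little")).hexdigest()

def derive(pw, k):
    r, alpha = client_blind(pw)
    return client_finalize(pw, r, server_evaluate(k, alpha))
```

The output password exists only transiently on the client after each exchange, and `k` alone reveals nothing without the master password, which is why there is no stored credential on either side to extract.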