-
@ teatwo
2025-06-14 07:35:39
There are techniques to encrypt a secret key with a password as a salt. For example, the master password of a password manager, proton mail cloud syncing, or NIP49 used in the Nostr client.
If this password is not filled with the auto complete of the password manager or OS/browser, it is likely to be simple and easy for the user to remember, so it is likely to be a placebo that can be cracked by brute force attacks.
We learned this from the LastPass leak incident and are now staring coinos.