rnhmjoj/scat
1
0
Fork 0
mirror of https://github.com/redelmann/scat synced 2025-01-09 22:24:19 +01:00
Code Issues Releases Wiki Activity

Typos corrected.

Browse Source
This commit is contained in:
redelmann 2013-08-12 20:06:21 +02:00
parent 9a5cd81c80
commit e27df25307
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -12,15 +12,15 @@ they don't gain access to your bank account and your money as well. But, on the
`scat` is the solution to this problem. It allows you to safely generate for each website or service you suscribe to a unique password. All you have to do is remember a single, as strong as possible, password and securely keep a long random code.
Given the same information, `scat` will always generate the same password, so if you were to completely lose your entire key chain,
you can always retrieve them.
you can always retrieve all the passwords generated by `scat`.
Passwords generated by `scat` are very secure and independant of each others. If by misfortune one of the generated password is compromised, all other passwords are still safe, and so is the password you used to generate them.
## How to use
`scat` is a secure password generator. It does not replace your favorite secure key chain, but it should be seen as a completement to it. Use `scat` to generate a different password for each of the service you suscribe to, and use your key chain (such as [pwsafe][pwsafe] for instance) to keep the generated passwords.
`scat` is a secure password generator. It does not replace your favorite secure key chain, but it should be seen as complementary to it. Use `scat` to generate a different password for each of the service you suscribe to, and use your key chain (such as [pwsafe][pwsafe] for instance) to keep the generated passwords.
## Example
### Example
To use `scat`, simply call it specifying which key, or service, it must generate a password for.
Then, simply enter your password (which is, in this example, `pony1234`, and code, `AGDE2-DGXA4-33DLQ-WEDAP-GYPQ9`):
@ -69,7 +69,7 @@ Generated password:
There are many ways to generate and store a suitable code. For instance, you can use a key such as [those provided by yubico][yubico-key], which can [generate and store static keys][yubico-static]. Be sure to use the maximal key size!
However, if you do not want to invest in a key, there exists secure solutions at your disposition that won't code you anything.
However, if you do not want to invest in a key, there exists secure solutions at your disposition that won't cost you anything.
For this, all you need is two dice that you can differentiate (one red and the other black for instance) and a small piece of paper (for instance of credit card format).
For 25 consecutive rounds, throw the two dice, lookup the result in the table below and report it on the piece of paper.
You may want to put a dash between the various results, or any other separator, to increase readability.
@ -107,7 +107,7 @@ guess your password correctly. So it's pretty safe.
Now, let's imagine for a second that an attacker gets to know one of your generated password.
This is pretty bad, but not as bad as having a single password. Imagine for a second the disaster if your attacker could directly access all your accounts!
Knowing a single generated password won't help your attacker much, it is still practically infeasable for him to get to your original password, so all of your other accounts are safe!
Knowing a single generated password won't help your attacker much, it is still practically infeasable for them to get to your original password, so all of your other accounts are safe!
## Password schemas