Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Step-1: open the above PDF. Step-2: search for "HMAC". Step-3: note which application uses HMAC. Step-4: you should prefer (3) to all others.


A note to other 1Password users like myself, per the linked PDF 1Password does not use HMAC.


According to [0], it does:

"The OPVault format uses Encrypt-then-MAC for authenticated encryption with AES-CBC-256 for encryption and HMAC-SHA256 for Message Authentication. Key derivation uses PBKDF2-HMAC-SHA512"

[0] https://support.1password.com/encryption/


I suppose some of the results are obsolete. For example, 1P is now already at version 5. Version 2 was about 5 years ago.


Linux support seems to be BETA.


Where did you get that information?


http://passwordsafe.sourceforge.net/news.shtml

Under 28 Dec 2014 it mentions 0.95, but there is a 0.96 from 12 June of 2015 available at

http://sourceforge.net/projects/passwordsafe/files/Linux-BET...


I agree completely.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: