A sanity check


Alan Karp

Mar 6, 2023, 7:21:28 PM
to <friam@googlegroups.com>
Based on Crock's suggestion SitePassword can now store user-provided passwords.  Since it now both calculates and stores passwords, I've changed the title of the paper to "A Hybrid Password Manager."  Thoughts?

SitePassword stores a user-provided password by XORing it with the calculated password for the site.  An attacker who knows both a user-provided password and the corresponding bookmark can figure out the calculated site password and can use that to start guessing the master password.  I believe the work is only a little harder if the attacker doesn't know the bookmark.  Is that right?

I could also encrypt the user-provided password with a key derived from the calculated site password.  Now an attacker would have to guess the calculated password before guessing the master password.  I think that only doubles the effort.  Is that right?  Is that worth becoming dependent on a crypto library?

--------------
Alan Karp
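The two storage options discussed in the message, modelled in a small added example. This is illustration code written for this page, not SitePassword's code or anything from the poster: the calculated-password derivation (PBKDF2 over master password and site name, 16 printable characters), the key derivation from the calculated password, and the stdlib-only HMAC-based cipher are all assumptions chosen so it runs offline without a third-party crypto library. It shows the point of the first paragraph: with plain XOR storage, a known user-provided password plus the stored blob hands over the calculated password (or its prefix) with no guessing at all, and that value then serves as an offline check for master-password guesses; with the encrypt-under-a-derived-key option, each guess has to go through the derivation and a decrypt-and-verify before it can be checked.

```python
"""Model of storing a user-provided password (a) XORed with the calculated
site password and (b) encrypted under a key derived from it.
All derivations below are assumptions for the demo, not SitePassword's."""
import base64
import hashlib
import hmac
import os
from typing import Callable, Iterable, Optional

ITERATIONS = 10_000  # assumption: kept low so the demo runs quickly


def calc_site_password(master: str, site: str) -> bytes:
    """Assumed stand-in for the 'calculated password': 16 printable bytes
    derived from the master password and the site name."""
    raw = hashlib.pbkdf2_hmac("sha256", master.encode(), site.encode(),
                              ITERATIONS, dklen=12)
    return base64.b64encode(raw)  # 12 raw bytes -> 16 base64 characters


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# ---- Option 1 from the post: stored = user_pw XOR calculated password ----
def store_xor(user_pw: bytes, calc: bytes) -> bytes:
    assert len(user_pw) <= len(calc), "demo only covers user_pw <= len(calc)"
    return xor_bytes(user_pw, calc)


def recover_calc_prefix(stored: bytes, user_pw: bytes) -> bytes:
    """Known-plaintext recovery: XOR undoes XOR, so the first len(user_pw)
    bytes of the calculated password fall out without any guessing."""
    return xor_bytes(stored, user_pw)


# ---- Option 2 from the post: encrypt user_pw under a key derived from calc ----
# Stdlib-only construction (assumption): HMAC-SHA256 keystream plus HMAC tag.
# The keystream is one SHA-256 block, so user_pw must be at most 32 bytes.
def derive_key(calc: bytes) -> bytes:
    return hmac.new(b"sitepassword-demo-key", calc, hashlib.sha256).digest()


def encrypt_user_pw(user_pw: bytes, calc: bytes) -> bytes:
    assert len(user_pw) <= 32, "demo keystream is a single SHA-256 block"
    key = derive_key(calc)
    nonce = os.urandom(16)
    stream = hmac.new(key, nonce, hashlib.sha256).digest()[: len(user_pw)]
    ct = xor_bytes(user_pw, stream)
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_user_pw(record: bytes, calc: bytes) -> Optional[bytes]:
    key = derive_key(calc)
    nonce, ct, tag = record[:16], record[16:-32], record[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong calculated password (wrong master guess) or tampering
    stream = hmac.new(key, nonce, hashlib.sha256).digest()[: len(ct)]
    return xor_bytes(ct, stream)


def guesses_to_find_master(candidates: Iterable[str], site: str,
                           check: Callable[[bytes], bool]) -> int:
    """Number of master-password candidates tried until check(calc) passes.
    Both designs give an offline check; the work per candidate differs."""
    for n, guess in enumerate(candidates, 1):
        if check(calc_site_password(guess, site)):
            return n
    return 0


def demo():
    master, site, user_pw = "correct horse", "example.com", b"hunter2!"  # constructed
    calc = calc_site_password(master, site)
    # XOR design: stored blob + known user_pw -> calculated-password prefix...
    leaked = recover_calc_prefix(store_xor(user_pw, calc), user_pw)
    # ...which is a direct comparison value for master-password guessing.
    candidates = ["password", "letmein", "correct horse"]  # constructed list
    n_xor = guesses_to_find_master(candidates, site, lambda c: c.startswith(leaked))
    # Encryption design: each candidate costs a key derivation and a
    # decrypt-and-verify before it can be accepted or rejected.
    record = encrypt_user_pw(user_pw, calc)
    n_enc = guesses_to_find_master(
        candidates, site, lambda c: decrypt_user_pw(record, c) == user_pw)
    return leaked == calc[: len(user_pw)], n_xor, n_enc


if __name__ == "__main__":
    print(demo())
```

In this model both designs leave the attacker with an offline oracle for the master password, which is what the message expects; what the encryption variant changes is that the calculated password is no longer handed over directly, and the tag check costs a key derivation per candidate rather than a byte comparison.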