Adding Security Measures to Account Management

10 views
Skip to first unread message

Chris Hoffman

unread,
Sep 28, 2011, 9:34:28 PM9/28/11
to mozilla-labs-online-identity
Hello everyone,

This account management tool is a great idea. However it must store
passwords. Is that file encrypted securely? How does this idea
sound. Create a random password generator and random username
generator(or use random.org) and integrate it with the account manager
for updating usernames and passwords. Create fields to schedule when
new usernames and passwords will be created. Hash the entire result
with 256 bit encryption and save it.

Now you could write a bill payer app and an ordering goods app, or an
account generator app. The account generator app takes in all the
websites where you would like an account, the username and passwords
are generated, the accounts are created and the result is md5
checksummed back to you over https. Have a backoff algorithim so the
servers do not see this as a denial of service attack, so it will keep
retrying until the accounts are generated.

Is that enough security? Did I just describe google shopping?


Reply all
Reply to author
Forward
0 new messages