RE: Hive core developer meeting #20

in #hive, 4 years ago

Limiting what the owner key can do does help and seems better for security so people can't use it except to rewrite their keys.

Did they say they would get rid of the master password?

Also why is it called a password and not a key... never quite understood that.

As far as I understand, getting rid of the master password is at least on the table. That's why I'm making a case for it.

Owner key and master password might just be remnants of early ideas. Ideas that never came to fruition.
There are probably people better versed in Hive lore than me ;)

Did they say they would get rid of the master password?

It looks like this is something where front ends' cooperation is expected as well. From the summary:

Then the discussion went on to the master password which can be used to derive all the other keys, which is obviously an even bigger security risk. We are thinking of just removing the capacity from libraries to generate keys from a master password so that front ends won't feel inclined to offer a "login with a master password" feature. But there are UX tradeoffs where now the user has to juggle with multiple keys, although that's less relevant now that we have great key management systems in place like keychain.
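
To make the point in the quoted summary concrete, here is an added example (not part of the thread and not code from any Hive library) of how one master password yields every role key. It assumes the derivation commonly used by Hive client libraries, SHA-256 over account name + role + password with WIF encoding; the account name and password are constructed sample values.

```python
import hashlib

ROLES = ("owner", "active", "posting", "memo")
_B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _b58encode(data: bytes) -> str:
    """Plain base58 encoding (Bitcoin alphabet)."""
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = _B58[rem] + out
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out


def derive_secret(account: str, role: str, master_password: str) -> bytes:
    """Assumed scheme: sha256(account + role + password), whitespace-normalised."""
    seed = " ".join((account + role + master_password).split())
    return hashlib.sha256(seed.encode("utf-8")).digest()


def to_wif(secret: bytes) -> str:
    """Wallet Import Format: 0x80 prefix, 4-byte double-SHA-256 checksum, base58."""
    payload = b"\x80" + secret
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    return _b58encode(payload + checksum)


def keys_from_master(account: str, master_password: str) -> dict:
    """Everything a holder of the master password can recompute offline."""
    return {r: to_wif(derive_secret(account, r, master_password)) for r in ROLES}


if __name__ == "__main__":
    # Constructed sample values, not a real account.
    keys = keys_from_master("example-account", "P5-constructed-sample-password")
    for role, wif in keys.items():
        # Print only a prefix; real private keys should never be logged.
        print(f"{role:8s} {wif[:6]}...")
```

The derivation is one-way per role: a leaked posting key does not reveal the active or owner key, while a leaked master password reveals all four, which is the difference in blast radius the summary describes.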