Secure Password Generator 的評論
Secure Password Generator 作者: Nikolay Martynov
Firefox 使用者 13366487 所留下的評論
評價 4 分,滿分 5 分
來自 Firefox 使用者 13366487,8 年前Very handy, been using it for a few weeks and am relatively satisfied with this add-on.
However I think that there are 2 significant blunders or "rookie mistakes."
#1: enforcing a minimum count of a certain type of character. By using the up and down arrows, only a minimum of 2 can be selected. But a 0 (zero) can be manually entered, and should be, to maximize randomness and eliminate a bias. The outline should not be highlighted in red as if it's not a good thing to specify a minimum of 2 characters for a particular type of character.
#2: there is no explanation as to how the random characters are generated, how robust is the cryptographic process. True randomness is very difficult to generate. These passwords are probably good enough for log-in passwords, but what about for use with true encryption? If I need robust passwords for encryption I'd go to grc.com, packetizer.com, or use Keepass.
However I think that there are 2 significant blunders or "rookie mistakes."
#1: enforcing a minimum count of a certain type of character. By using the up and down arrows, only a minimum of 2 can be selected. But a 0 (zero) can be manually entered, and should be, to maximize randomness and eliminate a bias. The outline should not be highlighted in red as if it's not a good thing to specify a minimum of 2 characters for a particular type of character.
#2: there is no explanation as to how the random characters are generated, how robust is the cryptographic process. True randomness is very difficult to generate. These passwords are probably good enough for log-in passwords, but what about for use with true encryption? If I need robust passwords for encryption I'd go to grc.com, packetizer.com, or use Keepass.