“The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time. All the passwords it created could be bruteforced in seconds.”

donjon.ledger.com/kaspersky-pa

They used math.random() on the web version y’all. This is a “security” company. I’m speechless.

Follow

@aral Glad I'm using
```< /dev/random tr -d -c "[:graph:]"``` with enough entropy for gerenation of my passwords.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!