“The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time. All the passwords it created could be bruteforced in seconds.”


They used math.random() on the web version y’all. This is a “security” company. I’m speechless.


@aral Glad I'm using
```< /dev/random tr -d -c "[:graph:]"``` with enough entropy for gerenation of my passwords.

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!