(github.com)

816 points tosh | 1 comments | 17 Aug 24 16:59 UTC | HN request time: 0.204s | source

Show context

menzoic ◴[18 Aug 24 05:44 UTC] No.41280363[source]▶

>>41275920 (OP) #

Autocompleting secrets sounds unsafe.

> The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed.

replies(3): >>41280601 #>>41281026 #>>41291205 #

1. danieljacksonno ◴[18 Aug 24 06:42 UTC] No.41280601[source]▶

>>41280363 #

I had the same reaction. It's a one time password, so it does not need to be as secure as a permanent one, but it still feels silly to have a long password that you can just type the first few characters and have it auto complete each word, versus just having a shorter password to begin with.

That said I can see how autocompleting from the first three letters of each word for "beaver-grass-hypocondriac-shelf" might be easier for a human than typing "beagrahypshe"

↑

Magic Wormhole: get things from one computer to another, safely