We tell users to use a phone number, social security number, or email address. Following this guideline, it’s impossible to end up with identical phrases.
-
-
Replying to @olihough86 @HashTheCode and
How will you have the same phone number or email address as another person?
3 replies 0 retweets 0 likes -
Since humans are not good at choose strong random passphrases, these can be guessed (at east for some dump users). Then, for an attacker, testing all possible salts (phones etc likely to have been used) is very easy. That's a big security concern.
2 replies 1 retweet 8 likes -
Replying to @HashTheCode @olihough86 and
That’s why we include a dice that you can roll to create perfect analog randomness.
2 replies 0 retweets 0 likes -
Analog randomness to what ? If the user is *choosing* his passphrase, you will never get anything close to good randomness. Or are you preventing the user from choosing whatever phrase he want's ? Please be clear
4 replies 1 retweet 3 likes -
Replying to @HashTheCode @olihough86 and
We give people two methods to set their phrase. Some of it can be found here: https://www.bitfi.com/guide.html
1 reply 0 retweets 0 likes -
And you are checking that the salts are unique across all users? Do you warn them if they are the same?
1 reply 0 retweets 3 likes -
Replying to @cybergibbons @Bitfi6 and
lets hope so , but also hope not at the same time .. ?
1 reply 0 retweets 1 like
Warning: This SSN is already in use by another user!
-
-
Replying to @David3141593 @coinhub_nz and
I can't wait for someone to sniff the traffic and see it doing HTTP lookups for predictive text on the passphrase.
0 replies 0 retweets 4 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.