Password Chef

@mostlymarius needing to create a new password is my biggest issue with these "recipe/formula" password creators. they're great until you have to change one or two passwords. then you have multiple recipes, and you have to remember which one work for which passwords, which essentially defeats the purpose of the "easy-to-remember" system.

@mostlymarius Thank you so much for the kind words, Marius. And great questions. We've given those concerns a lot of thought. Here's how we tackled them: 1. Notes. At some point, you may encounter a site that doesn't accept the password your recipe produces. So we offered a "notes" field to jot down the adaptation you may need to make (e.g. "For bank, limit to 10 characters"). We imagined you could write a similar note in the event a single password needed to be changed (in the event of a breach). 2. "Enter Characters." This is an option in the word pool that lets you add an explicit character/phrase into your passwords. Perhaps you want to start every password off with "$5" so you wrote "Enter '$5'" as your first step. However, we also saw an opportunity for people to use it as a variable. So instead of "$5," you might use "birth year." This allows you to further protect your recipe with steps only you'll know how to execute. But, this variable idea is also useful for those office workers who have to change their password periodically. So that using a variable like "month" or "quarter" would allow them to avoid writing a whole new recipe. 3. Multiple Recipes. I use several. The recipe that includes my email account, for example, is significantly more secure than the recipe I use for Pandora, Netflix, etc. So there's no connection between my most and least secure accounts. Even with a single recipe, as you noted, you're at very limited risk. Someone would need to recognize your password as recipe-based, and potentially make a few guesses on how it was engineered. If you use a secret code, that could be especially difficult. And as our library of word pool options grows, the difficultly is increased even further. Lastly, I'll say this. It sounds like bull, but it's true. Coming up with a good recipe is satisfying, and the more you use the app, the more "tricks" you'll discover–ways to recall passwords faster, or type them more quickly, while maintaining good strength. Whenever I stumble upon one, I actually look forward to any poor excuse to write a new recipe and update every single password (in that category) so I can put my new trick to use.

@timwinfree Thanks so much for the thoughtful response, Tim! I'm glad and entirely unsurprised that you guys have given these things some serious thought. I'm looking at this from the perspective of someone who might be trying to introduce a non-techie to password management in general, so I'm weighing the demands of the recipe system against the demands of a password manager. The satisfaction you mentioned (and the general value of a metaphor as accessible as a cooking recipe) is very valuable during the onboarding phase, but I have to weigh that against the ongoing demands of the system. In my head I'm comparing to 1Password, my current solution. In essence, Password Chef asks its users to memorize a different kind of information than 1Password does—an algorithm instead of a master password. The advantage is that the algorithm IS the password—for everything—so you theoretically don't need the app. But I think the problem I'm having is that the "Mental Effort" portion of your chart is super important. The difference between minimal mental effort and a little is actually a huge divide. Besides security, the whole purpose of password management is convenience. Consider a practical example: logging into an account on your computer... Option 1: With no password manager, Steve McUserton pulls out his password notebook (this is a real thing I encourage family members to stop doing), flips through to the relevant letter, and painstakingly copies out each character. This generally happens twice because Steve's handwriting isn't great so he'll have to take another swing at some characters. Option 2: With Password Chef, Steve has repurposed his password notebook as bedding for his parakeet, and instead appeals to his memory to retrieve his password recipe...he remembers most of it, pops out his phone to check, then dutifully computes the password and logs in successfully. Or he remembers it correctly and doesn't need his phone at all. Either way, much quicker than his old method. Option 3: Steve tries out 1Password. Instead of an algorithm, Steve memorizes a song lyric that he loves. In fact, he's had it memorized since high school when his first kiss happened to that song, but he remembers which letters he capitalized and which he replaced with numbers to make a more secure master password. Once unlocked, 1Password logs in for him. If it was already unlocked, he could have just pressed Ctrl/Cmd + \ and not had to think about passwords at all. The crucial difference that worries me is that Password Chef asks for two things, not one: you must remember a recipe, and then use it to compute your password for any given login. For 1Password, you're only asked to remember a password. A long one, to be sure, but...it's one simple task and you don't have to manipulate the information you remembered, just type it in. You see my concern. And that's without even delving into the entirely new dimension of convenience afforded by TouchID in conjunction with 1Password's extension when you're on your phone. I guess my struggle is that while Password Chef is easier to grasp and get started with, it has some fundamental limitations to its convenience level, which could be a deal-breaker when considering day-to-day usage and long-term scalability for people. To be clear, I see this as a problem with the recipe system in general, it's not a problem with Password Chef specifically—I think it's obvious that yours is the finest implementation of this idea that I've encountered. None of this is meant negatively, by the way; I'm convinced that there are use cases for which the recipe system is undoubtedly better than a standard password manager (with or without a centrally stored database), but this is the kind of thinking that was going on in my head as I considered introducing family, friends, clients, etc. to the app.