DiceKeys creates a master password for life with one roll

Enlarge / Not a board game, a security tool. (credit: DiceKeys)

Modern cybersecurity, done with properly paranoid best practices, requires meeting some tough demands: Carry a physical two-factor key to plug in and authenticate yourself on a new computer, but if you lose or break that tiny piece of plastic you could be locked out of your accounts. Use different, totally unguessable passwords for every website, without repeating them or writing them down. And even if you opt for a password manager-as you should-you'll need to remember a long master password for years, or risk losing access to the rest of them.

Or you could reduce all of that complexity to a single roll of 25 dice into a plastic box. This week Stuart Schechter, a computer scientist at the University of California, Berkeley, is launching DiceKeys, a simple kit for physically generating a single super-secure key that can serve as the basis for creating all the most important passwords in your life for years or even decades to come. With little more than a plastic contraption that looks a bit like a Boggle set and an accompanying web app to scan the resulting dice roll, DiceKeys creates a highly random, mathematically unguessable key. You can then use that key to derive master passwords for password managers, as the seed to create a U2F key for two-factor authentication, or even as the secret key for cryptocurrency wallets. Perhaps most importantly, the box of dice is designed to serve as a permanent, offline key to regenerate that master password, crypto key, or U2F token if it gets lost, forgotten, or broken.

Read 10 remaining paragraphs | Comments