4 comments

[ 0.28 ms ] story [ 21.9 ms ] thread
No one is going to touch this unless you provide some source code.
I guess that makes sense. Is there anything else i can do because i wouldn't like to disclose the source for the reason of it not getting copied or something similar.
You're offering a Windows installer for an application that appears to add complexity to simple passwords - probably hashing it with a seed - but without source code, there's no way for anyone to validate the effectiveness of that process, that it doesn't make passwords easier to guess, or even that the app isn't sending everyone's passwords directly to you. You're not even offering a signed binary.

Some people will probably use it and it might work perfectly well but I think most, especially here, are going to be suspicious.

I understand what you are saying and thank you for offering your thoughts.

The app doesn't do any type of hashing. The app just intercepts your keystrokes as you type and replaces what you type with a random character. I would of thought the validation would be through giving it a try and using it.

In regards to signing the binary, i didn't want to buy a code signing cert until I had some positive feedback and it was worth getting.

Again i understand your concerns and thank you for the feedback.