Ask HN: Protecting against Password Manager getting hacked

2 points by devnull3 ↗ HN
I am thinking of using a password manager. I am having trouble to trust these managers. My fear is that a password manager becomes a single point of vulnerability.

Here is an idea to protect passwords.

Say I want to store the password: ykT%mK#5 (just an example). Instead of storing it as is. I would apply the following algo:

1. Reverse letters

2. Add character at 5th position (1 based indexing)

So the stored password becomes: 5#Kmd%Tky (added letter d)

The above is a sample algo. But I think this it is easier to remember algo (It is like your own simple encryption function). One can have different algos for different categories e.g Banks, Email, Github, Office, etc

Question: Does this strategy make storing things in Password Manager more secure in case its compromised?

5 comments

[ 4.0 ms ] story [ 18.2 ms ] thread
Thats just one password, how about 50 passwords?
Same algo to all passwords. Or As mentioned different algos for different class of logins (e.g Email, Banks, etc).

The idea is that if passwords are compromised they will not work unless you know the algo. So now you will have to remember two things:

1. The master password

2. The algo

Then you can’t use the password manager autofill anymore and you lose one of the defenses against phishing (the password manager checking the url)
Which is fine actually. I was never interested in that feature. Security of the passwords is the most important requirement for me.
I use a password manager to store passwords but I don't add the username/email related to the password, e.g.

account: google

username:

password: *****

usernames are easier to remember for me because I don't use that many.