Sharing cause I know this is a solution lots of us are probably looking for.
22 Likes
Wow! This is really cool! Love it!
1 Like
This gives me Scylla vibes from Prison Break.
This seems like a really cool project, thanks for sharing c:
Seems like a great little thing, but idk I’m starting to get a bad feeling about the direction that Ente is headed.
I just posted this the other day. Earlier this year someone at Ente wrote this and now in their blog post about this hackathon it says:
“I’m happy about the culture of hacking we’re building at Ente. It was heartwarming to see folks who have never written a line of code deploy products that are fun and functional.” [emphasis added]
I still trust that people at Ente have good judgement on how to approach these AI things, especially on their main products, but I’m seriously starting to consider moving my photos somewhere else before it gets too vibey over there…
This is a neat UI, but this is just Shamir’s Secret Sharing which has existed since 1979 and there are many similar implementations (I am not necessarily vouching for these, just pointing out they exist). It’s not really anything technically groundbreaking.
6 Likes
This is very unfortunate for a developer that already has a similar product that he has been working on, for several years …
Agreed. I’m sure they are aware other implementations exist, but it doesnt hurt to make it more accessible.
Aside from the intent of this tool, it would be pretty cool to make a bunch of these as a party game, stash them around an area, and have people find the right combos to reveal the secret.
2 Likes
Question is: why give an important passphrase of mine away via web to a more or less untrusted project when I can achieve the same on my local system using ssss?
From the site:
A fully offline HTML recovery page is included when you use “Download all cards”. Open that file locally, add any two matching cards, and recover without needing the site. 2of3 is also open source, so the format is inspectable and recovery is not locked to one hosted service
However I can’t verify this since the download all button seems to only download the first card for some reason. Idk if it’s my browser that’s the issue or something on the website’s end.
Still, I agree that you shouldn’t go entering sensitive details using this tool regardless, its bad opsec.
1 Like
I can definitely see myself using this not just as a recovery method for myself, but a way to share password or any important information with people on the internet. Especially when those people don’t use E2EE platforms.
With all that being said, as a recovery method for myself, I can’t see myself using this for anything other than the master password of my password manager. I think having recovery cards for multiple accounts is risky. I wouldn’t want to mix up recovery cards for different accounts.
The reality is, you don’t want to ever have to need them. But for people who are not good at remembering their passwords it’s extremely useful. However, IMHO, only as long as they use it for ONE acciybt, which should be their password manager’s password.
For those who intend to use this for their own accounts, do you plan to use it for more than one account? If so, which accounts, and why?
1 Like