HN Reader

US ends international push to combat fake news from hostile states (ft.com)

1 points by geox 1m ago 0 comments

The Art of Incident Management Pt. 1 (rootly.com)

1 points by rootlyhq 5m ago 0 comments

Trusted Publishing for NPM Packages (docs.npmjs.com)

1 points by jmsmtn 5m ago 0 comments

Replacing SGX with GitHub Actions: Or How to Turn GitHub Actions into a Trusted (ethanheilman.com)

1 points by todsacerdoti 6m ago 0 comments

Ukraine Unmanned Drone Tracker (sbs-group.army)

1 points by throwoutway 6m ago 1 comments

OCR and RAG for Tables (mrm1001.github.io)

1 points by mariarmestre 6m ago 0 comments

Rabbit have overhauled the OS as rabbitOS2 (rabbit.tech)

1 points by simonjgreen 7m ago 0 comments

How to Build Python Code with Bazel (and Why) (ohadravid.github.io)

1 points by todsacerdoti 8m ago 0 comments

Show HN: Bifrost – The Build Service for NativePHP Apps (bifrost.nativephp.com)

1 points by simonhamp 8m ago 0 comments

AQAP likely to encourage further popular protests in Hadramaw (janes.com)

1 points by vinnyglennon 8m ago 0 comments

Google to Obey South Korean Order to Blur Satellite Images on Maps (barrons.com)

1 points by gnabgib 8m ago 0 comments

All unimaginery internet futures are in one place.(free) try now (sites.google.com)

1 points by RRR_pro_ 9m ago 0 comments

Show HN: DJI360 – DJI Product News and Buying Guide Platform (dji360.com)

1 points by sjdeak 10m ago 0 comments

How to Use Claude Code Subagents to Parallelize Development (zachwills.net)

2 points by zachwills 13m ago 1 comments

India turns to alternative motors amid China's rare earth cut offs (reuters.com)

2 points by chiffre01 14m ago 0 comments

Could a giant dam save the Atlantic currents that keep Europe warm? (science.org)

2 points by pseudolus 14m ago 0 comments

Eat Your Vegetables Before AI Dessert (writings.alethia.news)

3 points by truelson 16m ago 0 comments

Toolkit to help you get started with Spec-Driven Development (github.com)

2 points by msis 16m ago 0 comments

Goals per Week: A Proven Productivity Method for Stem Professionals – Execute3 (execute3.com)

2 points by evchay 17m ago 0 comments

Show HN: Run any GUI app in the terminal with term.everything (github.com)

2 points by ghub-mmulet 18m ago 0 comments

$1.1M for a Logo, Austin [video] (youtube.com)

2 points by thelastgallon 18m ago 0 comments

I love UUID, I hate UUID (blog.epsiolabs.com)

2 points by dkgs 19m ago 0 comments

Show HN: I built a Markdown to HTML converter that fixes AI-generated quirks (markdownhtmlgen.com)

2 points by zongheng 20m ago 0 comments

Show HN: Find Your Perfect Pair of Overalls (overallsshop.com)

2 points by yangyiming 21m ago 0 comments

Show HN: AI agent that clones viral content structures to automate social growth (synthmind.app)

2 points by Jilong121 22m ago 1 comments

New Data Science LLM Benchmark (proud-botany-7dd.notion.site)

2 points by cmendez 23m ago 0 comments

Microsoft inks AI infra deal with Yandex cofounder's biz for nearly $20B (theregister.com)

2 points by rntn 23m ago 0 comments

Preparing for the Worst (daniel.haxx.se)

2 points by renehsz 23m ago 0 comments

'It's back to the future': the 13th-century castle built by hand in France (theguardian.com)

1 points by PaulHoule 24m ago 0 comments

Show HN: Next Home Game – Crowd-avoidance alerts for UK football matches (nexthomegame.co.uk)

1 points by richelectron 24m ago 0 comments

A Love Letter to Internet Relay Chat (hackaday.com)

1 points by renehsz 26m ago 0 comments

Burger King attackers 'impressed by commitment to terrible security practices' (tomshardware.com)

3 points by mooreds 26m ago 0 comments

Peon – Prefixed Entry Object Notation (bartoszsypytkowski.com)

1 points by DaGardner 26m ago 0 comments

A Napa Wine Tour Owner Built One of the Most Efficient Shared Kitchens (thefoodcorridor.com)

1 points by mooreds 27m ago 0 comments

mailbox becomes the digitally sovereign workplace (mailbox.org)

1 points by crossroadsguy 30m ago 1 comments

The US Tightens the Dollar's Death Grip on Brazilian Democracy (project-syndicate.org)

1 points by rguiscard 31m ago 0 comments

Why is Bob Smith termination for Ethernet recommended if it's wrong? (electronics.stackexchange.com)

1 points by burnt-resistor 31m ago 0 comments

Show HN: Open-source counter strike clone, from scratch, no game engine (solcloud.itch.io)

1 points by solcloud 31m ago 0 comments

Show HN: Azure CI/CD Starter Kit with Terraform and GitHub Actions (github.com)

1 points by Olayinka777 33m ago 0 comments

Text Format Feature Matrix (keenwrite.com)

1 points by Bogdanp 34m ago 0 comments

Ask HN: Feedback on my stateless password manager (no stored secrets)

1 points by yoyo250 34m ago 0 comments

Show HN: Narcissistic Abuse Simulator exposes toxic patterns (narcissisticabusesimulator.com)

1 points by n8m8 34m ago 1 comments

Recommended Books for Learning Ruby (rubynewbie.org)

1 points by jvrc 35m ago 0 comments

Rendering the Mandelbulb (4rknova.com)

1 points by ibobev 36m ago 0 comments

How we SSH into GitHub Actions (blacksmith.sh)

7 points by tsaifu 37m ago 0 comments

Accessibility might be AI's biggest breakthrough (arstechnica.com)

1 points by sohkamyung 39m ago 0 comments

Show HN: CLI tool to transfer your chats from Telegram to WhatsApp (github.com)

1 points by goofed 42m ago 1 comments

Humanoid Olympic Games (generalrobots.substack.com)

1 points by FromTheArchives 43m ago 0 comments

Unredacted Magazine (September 2025 issue) [pdf] (inteltechniques.com)

2 points by jayhoon 43m ago 0 comments

Air pollution can drive dementia (theguardian.com)

3 points by gmays 44m ago 1 comments

Ask HN: Feedback on my stateless password manager (no stored secrets)

1 yoyo250 0 9/9/2025, 1:00:29 PM
Hi HN,

I built a prototype password tool that never stores passwords or vaults. Instead, it derives them on the fly using:

* A hardware OpenPGP key (smartcard/YubiKey/etc.)

* User inputs (domain + login + a simple passphrase)

* Deterministic signing + KDF

So as long as you have the hardware key and the same inputs, you can always reproduce the same password. Nothing is stored locally.

Current status:

* Python CLI, pre-release v0.9.0

* Tested only on Windows 10 with RSA4096 keys

* Requires GPG installed

* English default + Chinese i18n (basic)

Limitations:

1. Not audited (research/PoC)

2. Only RSA tested

3. No GUI (TUI planned)

4. Not tested on other platform

5. Some sites may reject the generated charset (You can edit, but it may cause a mess.)

Looking for feedback on:

1. Security flaws in this design?

2. Portability to Linux/macOS and non-RSA keys

3. Possible ways to use hardware keys without shelling out to GPG

4. Usability / UX ideas (TUI, i18n, etc.)

Links:

GitHub: https://github.com/biliyoyo520/paasword/

Blog: https://blog.yoyo250.fun/archives/coding/16.html

Thanks!

Comments (0)

No comments yet