Custom username & password generator functions

I don’t know if this is really clever; it’s an evolution of something I’ve been doing for years, so it’s an old habit from before I was using a password manager.

The original idea was to have a unique email and unique password for each site. And without a password manager, I had to be able to remember them all. So I created 2 functions to generate these values based on a reference name (basically the name of the site).

Now, even if I’m using a password manager, I still like the idea of being able to find the credentials without having to access my password manager. (Also because on iPhone, it’s annoying to have to type my Bitwarden password and it’s faster to directly type the site password.)

Example: (too basic to be used for real)
URL: www.facebook.com
Email: [email protected]
Password: prefix-Ao

function1(URL):
Name: facebook (base domain, without TLD, lowercase)
function2(name):
Email hash: fk (name[0] + name[-1])
Email subaddress: facebook.fk (name + “.” + hash)
function3(name):
Password hash: Ao (upper(name[1]) + name[-2])
Password: PREFIX + “-” + hash

Is that method clever, OK, somewhat dangerous or plain stupid?
If at least OK, would it be a good idea to be able to define our own functions to generate these values? And have a preference telling whether we want to automatically use that by default when creating a new login item. And another to define the base email address… as the one used for Bitwarden may already contain something similar (yet different :wink:).

Remark: Ideally, the generator should allow manually changing the result of function1 because there are exceptions that are obvious to remember but too complicated to code.

Unique is an excellent idea, but it is not enough. Passwords also need to be non-predictable. When using a password manager, passwords should be randomly generated. There is no need to remember passwords (other than your master password – for which you need an emergency kit).

There are biometric ways to avoid repeatedly typing your master password. This is much preferred over weakening passwords.

A common prefix/suffix is not inherently bad – we call that peppering your password and use it in cases where one does not have complete faith in their vault. But beyond that, a password should not contain any patterns. It makes it too easy to guess your gmail password if one learns your facebook password.

2 Likes
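To make the discussion concrete, here is an added example (written for this thread, not code from the original poster or from Bitwarden). It implements the toy function1/function2/function3 exactly as listed in the opening post and, beside them, the random-plus-pepper approach the reply above recommends. Assumptions that are not in the thread: the secret prefix is the constructed string `prefix`, the subaddress is attached with plus-addressing to a constructed base mailbox `user@example.com`, and the random generator uses a 62-character alphabet with 20-character passwords. The two `*_bits` functions only quantify how much unpredictability each scheme actually puts into the per-site part of the password, which is the point of the reply.

```python
"""Toy deterministic scheme from the thread vs. a random password with a pepper.

Added example for the discussion; the URLs, prefix and mailbox are constructed.
"""
import math
import secrets
import string
from urllib.parse import urlsplit

PREFIX = "prefix"                 # constructed stand-in for the poster's secret prefix
BASE_EMAIL = "user@example.com"   # constructed base mailbox (assumption, not from the post)
ALPHABET = string.ascii_letters + string.digits  # 62 symbols for the random generator


def site_name(url: str) -> str:
    """function1: base domain without TLD, lowercased (www.facebook.com -> facebook)."""
    host = urlsplit(url if "://" in url else f"//{url}").hostname or url
    labels = host.lower().split(".")
    if labels[0] == "www":          # drop a leading www label
        labels = labels[1:]
    # keep the label just before the TLD; a bare one-label host is returned as-is
    return labels[-2] if len(labels) >= 2 else labels[0]


def email_subaddress(name: str, base_email: str = BASE_EMAIL) -> str:
    """function2: hash = name[0] + name[-1]; subaddress = name + '.' + hash.

    Plus-addressing is an assumption; the post does not say how the subaddress
    is attached to the base mailbox.
    """
    tag = name[0] + name[-1]
    local, domain = base_email.split("@")
    return f"{local}+{name}.{tag}@{domain}"


def deterministic_password(name: str, prefix: str = PREFIX) -> str:
    """function3: hash = upper(name[1]) + name[-2]; password = PREFIX + '-' + hash."""
    if len(name) < 2:
        # the scheme indexes name[1] and name[-2]; a one-letter name has neither
        raise ValueError("site name must be at least two characters long")
    return f"{prefix}-{name[1].upper()}{name[-2]}"


def deterministic_bits() -> float:
    """Unpredictability of the per-site part once the scheme and prefix are known:
    one uppercase letter times one lowercase letter = 26 * 26 candidates."""
    return math.log2(len(string.ascii_uppercase) * len(string.ascii_lowercase))


def random_password(length: int = 20, pepper: str = "") -> str:
    """Random password from a CSPRNG, with an optional pepper appended.

    The pepper is typed by the user and never stored in the vault, so a vault
    entry alone is incomplete; the random body supplies the actual strength.
    """
    body = "".join(secrets.choice(ALPHABET) for _ in range(length))
    return body + pepper


def random_bits(length: int = 20) -> float:
    """Entropy of the random body: length * log2(alphabet size)."""
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    name = site_name("www.facebook.com")
    print(name, email_subaddress(name), deterministic_password(name))
    print(f"deterministic per-site part: {deterministic_bits():.1f} bits")
    print(f"random 20-char body:         {random_bits():.1f} bits")
    print(random_password(pepper="-salt"))
```

Running it reproduces the thread's `facebook`, `facebook.fk` and `prefix-Ao`, and puts numbers on the reply's argument: the per-site part of the toy scheme carries about 9.4 bits, while a 20-character random body carries about 119, with the pepper adding its own secret on top of either.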

What you’re describing is a scheme known as a “deterministic” password manager. Thus, you should probably read this:

1 Like

Thanks for the very interesting information.

#1 Password function
#2 Email subaddressing function

#1
Of course, random is the best.
To be clear, my real “functions” are obviously way more complex than the example I gave. They’re thought to not be reverse-engineerable (at least not easily and not with only a few known passwords). Drawback: it makes the mental processing time a bit long :face_with_diagonal_mouth:

As I said, it’s based on an old habit formed before using a password manager. Another reason to keep that is to not be dependent on the password manager… but are there truly good reasons for that? :thinking:
Not having access to your password manager will probably never happen. At worst, it’ll be a bit time consuming to access.
If you completely lose access to your PM, you can still use the “forgot password”.
So? :man_shrugging::thinking:

PS: That said, a custom function like this can be useful for peppering.

#2
What about a custom subaddressing function?
A random value is best, but the idea of having the name of the site in the email is also to identify where spam is coming from. But OK, we can still search our vault to find which site the email is associated with. So I guess it’s not useful.

I get that new habits are hard. It took me a long time to embrace that I do not know most of my passwords. Even now, I am fastidious about maintaining both an emergency kit and vault exports, so that they remain discoverable to me. And, I keep an unencrypted export on an off-line USB that I can import into a competitor in case Bitwarden were to suddenly vanish.

No harm in doing so, but conventional wisdom is that the same pepper for all passwords is OK. The base password provides the strong, random, unique characteristics. The pepper just adds a bit of “flavor” so the vault entry is incomplete.

The primary reasons to sub-address are to identify who leaked your email and to aid in building filing rules in your client. With Bitwarden we also use it to reduce annoying emails caused by people knocking on our accounts with a leaked email. Since none of this is “secret”, one only needs “unique”. Non-predictable need not enter the picture, but there is no harm (other than added complexity) in doing so. Personally, I would go with something like [email protected] or maybe throw a random digit at the end if one feels like upping the bar a bit ([email protected]).