DIY: password key derivation tool using PBKDF2 / HMAC

First of all, I don't want to reinvent the wheel, just want to build my own car. Non-product environment; only for fun and entertainment.

The goal is to use a single private (and never published) master password to create unique passwords (token) for each website account (twitter.com, reddit.com, etc.)

Is the following approach consistent with these goals?

Code:

HOST_HASH = SHA512( LOGIN + SERVER )

USER_HASH = SHA512( USER_NAME + HOST_HASH )

PWD_HASH = SHA512( USER_PASSWORD )

KEY = PBKDF2_SHA256( USER_HASH, PWD_HASH, ITERATIONS_300000, LENGTH_512BITS )

DIGEST = HMAC_SHA512( HOST_HASH, KEY )

TOKEN = BASE64( SHA1(DIGEST) ) #-- just for convenient output

Inputs:

• USER_NAME = user full name (ie: Jones Smith)
• USER_PASSWORD = user secret master password (or passphrase)
• LOGIN = user alias or e-mail or what ever used to log in (ie: jsmith123)
• SERVER = web site or domain name (ie: stackoverflow.com)

Output:

• TOKEN = strong and unique password easy to rebuild but hard to guess (?)

You use hashes of hashes. In your scheme it is secure. See details here.

You use PBKDF2 and thus you protect derived passwords from brute-forcing.

But your approach can lead to usability problems. Suppose you have 100 - 200 accounts for websites, email services, social networks, video/audio services, webshops, banks, etc. Think of the following cases:

• One website requires you to change your password once a year, the other requires that every 3 months.
• One website keeps passwords in plain form. Their password database was compromised. They require you to change your passwords within 3 days.
• Mistakenly, you used a password for another website. After several attempts, your account was locked. After unlocking you are asked to provide a new password.

To change the password for one website, you will have to change your base password. This will change derived passwords for all other websites. That's why you will have to go to every single website and change your password.

• This can take a lot of time.
• You can forget some websites, because since you derive passwords automatically, maybe you don't keep the list. Later on, you will be surprised that such forgotten sites don't accept the password.
• Some websites can be unavailable at the moment you want to change your password. Or you just don't have time to change the password for all websites at once and do that in blocks, 10 sites today, 10 sites tomorrow, etc. Later on, you will be not sure where have you already changed the password and thus what base password for what website you should use.

You decide if this is acceptable for you.

But if you use some password manager, you will get reliably protected passwords, e.g. KeePass encrypts with AES-256 and use uses a configurable number of iterations for password derivation, you still need to remember a single good password like a dicewire based, but the advantage is, that all your passwords for different resources remain independent on each other and you will not have any usability problems mentioned above.