Hackaday

HIPPO is a proposed storeless password manager system implemented as a browser extension paired with a central server. Instead of storing passwords in a vault, it computes site-specific passwords on the fly using an Oblivious Pseudorandom Function (OPRF) protocol. The user's master passphrase and the site domain are hashed, blinded, and processed with the server's secret key — neither side ever sees the other's raw secret. The result is a unique, high-entropy, deterministic password per site, auto-filled by the extension. The tradeoff is that the HIPPO server becomes a single point of failure, and the system doesn't yet handle 2FA. It remains a research concept, not a live service.

Don’t Trust Password Managers? HIPPO May Be The Answer!

<p>I have heard of this kind of unique password generators for a long time now. I am not at all convinced simply because we use our password not only on our computers but also with our phones, tablets etc… I do not see how such service would work with this devices.</p>
<p>Maybe I should try one day, but for now I will stick with my self hosted password manager :)</p>
