Former versions of Peerio allowed a user to choose a passphrase consisting of 5 to 12 (if I remember correctly) words. 5 words seemed like a reasonable minimum, while users which required higher level of security could choose a longer passphrase.
Current sign up interface doesn't include this option (and doesn't even remind the user that the passphrase was generated and will be necessary to log in from another computer successfully). The only possible background-generated passphrase length is the former 5 words minimum.
I believe I'm not the only one, who considers the 80bit maximum effective key strength a deal breaker (taking into account that all the Peerio end-to-end encryption relies on this single key and cryptoanalysis gets better all the time). It's a pity to waste so much potential just to get rid off one unobtrusive selection field.
I think, reimplementing the passphrase length selection would make Peerio usable for many once more.
Please sign in to leave a comment.