WARNING: Complex and vast subject.
The user would upload a file or a few as key file(s), along side their passphrase.
Put aside the target audience, average Joe probably wouldn't want to upload key file(s) every time they logged in along side their passphrase.
I see this in one case where it helps.
The database gets breached and the attacker only has the hashes, but doesn't know if they used key files or not to use as a pepper for their passphrase. And if hashes were appended/prepended to the passphrase it would make it more secure, right?
For each file that the user uploads, we will hash their contents and append them to the passphrase when it gets hashed.
There is many ways we could go about it.
passphrase = passphraseHash(passphrase + key_file_hashes)
Note: If there is more than one key file, the order that the key files would go in matters!
From the way I am seeing it, it is a proper "pepper" since it's user provided, etc.
There is many possibilities. The key file could be obfuscated in a folder with 1000s of files.
Where else could this help? Where would this bring pitfalls?
Thoughts? Please share them!