Admin: Created page with "'''Master Password''' is an algorithm designed by Maarten Billemont for creating unique passwords in a reproducible manner. It differs from traditional [[password manager]..."

2019-06-13T13:32:50Z

Created page with "'''Master Password''' is an algorithm designed by Maarten Billemont for creating unique passwords in a reproducible manner. It differs from traditional [[password manager]..."

New page

'''Master Password''' is an algorithm designed by Maarten Billemont for creating unique [[password]]s in a reproducible manner. It differs from traditional [[password manager]]s in that the passwords are not stored on disk or in the cloud, but are recreated every time by using information entered by the user; most importantly, their full name, a master password, and a unique name for the service the password is intended for.

* '''name''': The user's full name, used as a [[Salt (cryptography)|salt]]. The user's full name is chosen as it provides a sufficiently high level of entropy, while being unlikely to be forgotten.
* '''master_password''': The secret used for generating the master key.
* '''site_name''': A unique name for the service the password is intended for. Usually, the bare domain name is a good choice.
* '''counter''': An integer that can be incremented when the service requests a new password. By default, it is 0.
* '''password_type''': The password type defines the length and the constitution of the resulting password, see below.

=== Master key generation ===

The master key is a global 64-byte secret key generated from the user's secret master password and salted by their full name. The salt is used to avoid attacks based on [[rainbow tables]]. The [[scrypt]] algorithm, an intentionally slow [[key derivation function]], is used for generating the master key to make a [[brute-force attack]] infeasible.

<source lang="python">
salt = "com.lyndir.masterpassword" + length(name) + name
master_key = scrypt(master_password, salt, 32768, 8, 2, 64)
</source>

=== Template seed generation ===

The template seed is a site-specific secret in binary form, generated from the master key, the site name and the counter using the [[HMAC-SHA256]] algorithm. It is later converted to a character string using the password templates.

<source lang="python">
seed = hmac_sha256(master_key, "com.lyndir.masterpassword" + length(site_name) + site_name + counter)
</source>

=== Password generation ===

The binary template seed is then converted to one of six available password types. The default type is the ''Maximum Security Password'', others can be selected if the service's password policy does not allow passwords of that format:

* Maximum Security Password (20 [[ASCII printable characters]])
* Long Password (14 ASCII printable characters)
* Medium Password (8 ASCII printable characters)
* Short Password (4 ASCII printable characters)
* Basic Password (8 alphanumeric characters)
* PIN (4 digits)

== Implementations ==

Billemont also created multiple free software implementations of the Master Password algorithm, licensed under the [[GPLv3]]. These include apps for iPhone/iPad, Mac OS X, and Android, as well as a graphical desktop application written in [[Java (programming language)|Java]], a [[command-line]] application written in [[C (programming language)|C]], and a web client written in [[JavaScript]]. The iOS implementation was first released in 2012.

==Source==

[http://wikipedia.org/ http://wikipedia.org/]

[[Category:Cryptographic algorithms]]
[[Category:Software]]
==See Also on BitcoinWiki==
* [[ORCA]]
* [[Beat]]
* [[Fluzcoin]]
* [[Hala]]
* [[Plentix]]

Master Password - Revision history

Admin: Created page with "'''Master Password''' is an algorithm designed by Maarten Billemont for creating unique passwords in a reproducible manner. It differs from traditional [[password manager]..."