Master Password (algorithm)

Master Password
Original author(s)	Maarten Billemont
Initial release	June 15, 2012;11 years ago
Stable release	2.3 / April 19, 2015;8 years ago
Repository	www.gitlab.com/MasterPassword/MasterPassword
Written in	Java, C, JavaScript
Operating system	Microsoft Windows and Unix-like, including OS X, iOS and Android
Available in	English
Type	Password generator
License	GNU General Public License
Website	www.masterpassword.app

Last updated October 30, 2023

Master Password is a type of algorithm first implemented by Maarten Billemont for creating unique passwords in a reproducible manner. It differs from traditional password managers in that the passwords are not stored on disk or in the cloud, but are regenerated every time from information entered by the user: Their name, a master password, and a unique identifier for the service the password is intended for (usually the URL).^[1]

Algorithm

Billemont's implementation involves the following parameters:^[1]

name: The username, used as a salt. The user's full name is chosen as it provides a sufficiently high level of entropy while being unlikely to be forgotten.
master_password: The secret for generating the master key.
site_name: A unique name for the service the password is intended for. Usually the bare domain name.
counter: An integer that can be incremented when the service requests a new password. By default, it is 1.
password_type: The password type defines the length and the constitution of the resulting password, see below.

Master key generation

In Billemont's implementation, the master key is a global 64-byte secret key generated from the user's secret master password and salted by their full name. The salt is used to avoid attacks based on rainbow tables. The scrypt algorithm, an intentionally slow key derivation function, is used for generating the master key to make a brute-force attack infeasible.

salt="com.lyndir.masterpassword"+length(name)+namemaster_key=scrypt(master_password,salt,32768,8,2,64)

Template seed generation

The template seed is a site-specific secret in binary form, generated from the master key, the site name and the counter using the HMAC-SHA256 algorithm. It is later converted to a character string using the password templates. The template seed makes every password unique to the website and to the user.

seed=hmac_sha256(master_key,"com.lyndir.masterpassword"+length(site_name)+site_name+counter)

Password generation

The binary template seed is then converted to one of six available password types. The default type is the Maximum Security Password, others can be selected if the service's password policy does not allow passwords of that format:

Maximum Security Password (20 ASCII printable characters)
Long Password (14 ASCII printable characters)
Medium Password (8 ASCII printable characters)
Short Password (4 ASCII printable characters)
Basic Password (8 alphanumeric characters)
PIN (4 digits)

Implementations

Billemont also created multiple free software implementations of the Master Password algorithm, licensed under the GPLv3.:^[2]

An app for iOS. The iOS implementation was first released in 2012.^[3]
An app for Mac OS X
An app for Android
A Graphical desktop application written in Java
A command-line application written in C
A browser plugin for Firefox and Chromium-based browsers^[4]^[5]
A web client written in JavaScript.^[6]

Related Research Articles

<span class="mw-page-title-main">HMAC</span> Computer communications hash algorithm

In cryptography, an HMAC is a specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. As with any MAC, it may be used to simultaneously verify both the data integrity and authenticity of a message. An HMAC is a type of keyed hash function that can also be used in a key derivation scheme or a key stretching scheme.

In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudorandom functions used for key derivation.

In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system in scrambled form. A common approach is to repeatedly try guesses for the password and to check them against an available cryptographic hash of the password. Another type of approach is password spraying, which is often automated and occurs slowly over time in order to remain undetected, using a list of common passwords.

passwd is a command on Unix, Plan 9, Inferno, and most Unix-like operating systems used to change a user's password. The password entered by the user is run through a key derivation function to create a hashed version of the new password, which is saved. Only the hashed version is stored; the entered password is not saved for security reasons.

LAN Manager is a discontinued network operating system (NOS) available from multiple vendors and developed by Microsoft in cooperation with 3Com Corporation. It was designed to succeed 3Com's 3+Share network server software which ran atop a heavily modified version of MS-DOS.

In cryptography, PBKDF1 and PBKDF2 are key derivation functions with a sliding computational cost, used to reduce vulnerability to brute-force attacks.

In cryptography, CRAM-MD5 is a challenge–response authentication mechanism (CRAM) based on the HMAC-MD5 algorithm. As one of the mechanisms supported by the Simple Authentication and Security Layer (SASL), it is often used in email software as part of SMTP Authentication and for the authentication of POP and IMAP users, as well as in applications implementing LDAP, XMPP, BEEP, and other protocols.

In cryptography, key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources it takes to test each possible key. Passwords or passphrases created by humans are often short or predictable enough to allow password cracking, and key stretching is intended to make such attacks more difficult by complicating a basic step of trying a single password candidate. Key stretching also improves security in some real-world applications where the key length has been constrained, by mimicking a longer key length from the perspective of a brute-force attacker.

Data Protection Application Programming Interface (DPAPI) is a simple cryptographic application programming interface available as a built-in component in Windows 2000 and later versions of Microsoft Windows operating systems. In theory, the Data Protection API can enable symmetric encryption of any kind of data; in practice, its primary use in the Windows operating system is to perform symmetric encryption of asymmetric private keys, using a user or system secret as a significant contribution of entropy. A detailed analysis of DPAPI inner-workings was published in 2011 by Bursztein et al.

bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.

LastPass is a password manager application owned by GoTo. The standard version of LastPass comes with a web interface, but also includes plugins for various web browsers and apps for many smartphones. It also includes support for bookmarklets.

HKDF is a simple key derivation function (KDF) based on the HMAC message authentication code. It was initially proposed by its authors as a building block in various protocols and applications, as well as to discourage the proliferation of multiple KDF mechanisms. The main approach HKDF follows is the "extract-then-expand" paradigm, where the KDF logically consists of two modules: the first stage takes the input keying material and "extracts" from it a fixed-length pseudorandom key, and then the second stage "expands" this key into several additional pseudorandom keys.

Google Authenticator is a software-based authenticator by Google. It implements multi-factor authentication services using the time-based one-time password and HMAC-based one-time password, for authenticating users of software applications.

In cryptography, scrypt is a password-based key derivation function created by Colin Percival in March 2009, originally for the Tarsnap online backup service. The algorithm was specifically designed to make it costly to perform large-scale custom hardware attacks by requiring large amounts of memory. In 2016, the scrypt algorithm was published by IETF as RFC 7914. A simplified version of scrypt is used as a proof-of-work scheme by a number of cryptocurrencies, first implemented by an anonymous programmer called ArtForz in Tenebrix and followed by Fairbrix and Litecoin soon after.

crypt is a POSIX C library function. It is typically used to compute the hash of user account passwords. The function outputs a text string which also encodes the salt, and identifies the hash algorithm used. This output string forms a password record, which is usually stored in a text file.

In cryptography, the Salted Challenge Response Authentication Mechanism (SCRAM) is a family of modern, password-based challenge–response authentication mechanisms providing authentication of a user to a server. As it is specified for Simple Authentication and Security Layer (SASL), it can be used for password-based logins to services like SMTP and IMAP (e-mail), XMPP (chat), or MongoDB and PostgreSQL (databases). For XMPP, supporting it is mandatory.

Mitro was a password manager for individuals and teams that securely saved users' logins, and allowed users to log in and share access.

In cryptography, a pepper is a secret added to an input such as a password during hashing with a cryptographic hash function. This value differs from a salt in that it is not stored alongside a password hash, but rather the pepper is kept separate in some other medium, such as a Hardware Security Module. Note that the National Institute of Standards and Technology refers to this value as a secret key rather than a pepper. A pepper is similar in concept to a salt or an encryption key. It is like a salt in that it is a randomized value that is added to a password hash, and it is similar to an encryption key in that it should be kept secret.

JSON Web Token is a proposed Internet standard for creating data with optional signature and/or optional encryption whose payload holds JSON that asserts some number of claims. The tokens are signed either using a private secret or a public/private key.

References

1 2 Billemont, Maarten. "The Master Password Algorithm". Archived from the original on December 9, 2017. Retrieved 8 May 2015.
↑ "License file of the MasterPassword repository". GitHub . Retrieved 15 May 2015.
↑ Billemont, Maarten. "Release 1.0.0". GitHub . Retrieved 15 May 2015.
↑ Masterpassword's Firefox add-on
↑ Masterpassword's Chrome plugin
↑ Billemont, Maarten. "Master Password Homepage" . Retrieved 15 May 2015.

External links

Official website

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[:0-1] 1 2 Billemont, Maarten. "The Master Password Algorithm". Archived from the original on December 9, 2017. Retrieved 8 May 2015.

[2] "License file of the MasterPassword repository". GitHub . Retrieved 15 May 2015.

[3] Billemont, Maarten. "Release 1.0.0". GitHub . Retrieved 15 May 2015.

[4] Masterpassword's Firefox add-on

[5] Masterpassword's Chrome plugin

[6] Billemont, Maarten. "Master Password Homepage" . Retrieved 15 May 2015.

[1]

[2]

[3]

[4]

[5]

[6]