<pclass="chromeframe">You are using an <strong>outdated</strong> browser. Please <ahref="http://browsehappy.com/">upgrade your browser</a> or <ahref="http://www.google.com/chromeframe/?redirect=true">activate Google Chrome Frame</a> to improve your experience.</p>
<atitle="Mac, Linux, UNIX, Windows (graphical interface)"href="masterpassword-gui.jar"onclick="goog_report_conversion('index-fixed-header');_gaq.push(['_trackPageview', '/outbound/gui/java']);">Desktop (Java)<imgclass="popup"src="img/java-gui.png"/></a> |
<atitle="Mac, Linux, UNIX, Windows (command line interface)"href="masterpassword-cli.zip"onclick="goog_report_conversion('index-fixed-header');_gaq.push(['_trackPageview', '/outbound/cli/java']);">Terminal (Java)<imgclass="popup"src="img/java-cli.png"/></a> |
<atitle="command line interface"href="https://github.com/Lyndir/MasterPassword/tree/master/MasterPassword/C"onclick="goog_report_conversion('index-fixed-header');_gaq.push(['_trackPageview', '/outbound/cli/c']);">Terminal (C)<imgclass="popup"src="img/c-cli.png"/></a>
<p><strong>Master Password is <em>different</em></strong>: it is based on an ingenious password generation algorithm that guarantees your passwords <em>can never be lost</em>.</p>
<p>While password managers generally save your passwords in an encrypted vault or upload them to the cloud for safe-keeping, they make you dependent on syncing, backups or Internet access.</p>
<p>Master Password has none of these downsides. Its passwords aren't stored: they are <b>generated on-demand</b> from your name, the site and your master password; <em>even on a brand-new iPhone</em> without restoring any backups or Internet access.</p>
<p>Master Password is based on a stateless algorithm which frees it from the reliance on storage of secrets.</p>
<p>Since your generated passwords aren't saved to your device, there is <strong>no risk you'll be forced to divulge them to aggressive peers</strong>. And since these passwords don't need to be backed up or synchronized between devices over the network, there is <strong>no risk of them getting intercepted</strong>.</p>
<p>Finally, Master Password is <ahref="http://github.com/Lyndir/MasterPassword/"onclick="_gaq.push(['_trackPageview', '/outbound/github']);">free software (GPLv3)</a>, its algorithm <ahref="/algorithm.html">extensively documented</a> and does not require you to trust any external party. This is particularly interesting in a society where things like <ahref="http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data"
onclick="_gaq.push(['_trackPageview', '/outbound/prism']);">PRISM</a> and <ahref="http://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email"onclick="_gaq.push(['_trackPageview', '/outbound/gag']);">gag orders</a> are a real threat.</p>
<p>Contrary to other password solutions, Master Password doesn't need to send your passwords over the network to make them ubiquitously available. Just add your user and site names to each of your devices and your passwords will be available instantly on all of them.</p>
<p>Since Master Password generates your passwords on-demand based on your user name and master password, you don't need to back up your generated passwords or send them over the wire to all your other devices to make them available everywhere. This gives you massive availability advantages, but also helps thwart man-in-the-middle attacks, snooping and trust issues related to cloud providers.</p>
<p>Master Password comes with a variety of built-in password types. These types make your site's password look different, become more secure or more compatible with a site's password policy.</p>
<p>The default password is a great balance between security, compatibility and convenience. It is designed to provide great entropy (security) whilst still being easy to manually enter or remember if needed.</p>
<p>You can generate a more secure password, or switch it to a PIN type to use for your bank card or cell phone's SIM lock.</p>
<p>Master Password also implements a hybrid solution allowing you to save custom passwords in the app. These passwords are AES encrypted using a large key derived from your master password. This grants people who are forced to use a certain password (eg. by their systems administrators) a maximally secure solution given their situational constraints.</p>