<!DOCTYPE html>
<html class="no-js" itemscope itemtype="://schema.org/Product">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title itemprop="name">Master Password — Secure your life, forget your passwords.</title>
<meta itemprop="description" content="Master Password is an ingenious password solution that makes your passwords truly impossible to lose." />
<meta itemprop="image" content="img/about.png" />
<meta name="apple-itunes-app" content="app-id=510296984" />
<meta name="viewport" content="width=device-width">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="icon" href="img/favicon.png" type="image/x-png" />
<link rel="shortcut icon" href="img/favicon.png" type="image/x-png" />
<link rel="stylesheet" href="css/bootstrap.min.css">
<link rel="stylesheet" href="css/bootstrap-responsive.min.css">
<link rel="stylesheet" href="css/main.css?7">
<script src="js/vendor/modernizr-2.6.2.min.js"></script>
<script src="js/vendor/prefixfree.min.js"></script>
</head>
<body itemscope itemtype="://schema.org/MobileSoftwareApplication" id="app">
<!--[if lt IE 7]>
<p class="chromeframe">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> or <a href="http://www.google.com/chromeframe/?redirect=true">activate Google Chrome Frame</a> to improve your experience.</p>
<![endif]-->
<div id="scrollDown">⇣</div>
<nav class="navbar navbar-fixed-top">
<div class="navbar-inner">
<div class="container">
<button type="button" class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="active brand" href="./">●●●|</a>
<div class="nav-collapse collapse">
<ul class="nav">
<li><a href="what.html">What is it? How do I use it?</a></li>
<li><a href="security.html">Is it safe?</a></li>
<li><a href="algorithm.html">How does it work?</a></li>
</ul>
<ul class="nav pull-right">
<li><a href="irc://irc.freenode.net/#masterpassword" onclick="_gaq.push(['_trackPageview', '/outbound/irc']);">#masterpassword</a></li>
<li><a href="https://ssl.masterpasswordapp.com">HTTPS</a></li>
<li class="divider-vertical"></li>
<li><a href="faq.html">FAQ</a></li>
<li><a href="support.html">Support</a></li>
<li><a href="https://github.com/Lyndir/MasterPassword/" onclick="_gaq.push(['_trackPageview', '/outbound/github']);">Source</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
</nav>
<header>
<div class="background" data-stellar-ratio="0.4"></div>
<div class="container">
<div class="movie">
<video>
<source src="vid/about.webm" type="video/webm; codecs=vp8,vorbis">
<source src="vid/about.mp4" type="video/mp4">
<source src="vid/about.ogv" type="video/ogg; codecs=theora,vorbis">
</video>
<h5 class="fallback"><a href="https://vimeo.com/108192090">I've been waiting for <em>hours</em> and it's still loading...</a></h5>
</div>
<a href="javascript:toggleMovie()" class="moviecontrol" onclick="$(this).toggleClass('active');_gaq.push(['_trackPageview', '/video/about']);"></a>
<div class="content">
<h1>Master Password</h1>
<h2>Secure your life, forget your passwords.</h2>
</div>
</div>
</header>
<section>
<h4>
Get it for:
<a title="iPhone, iPad, iPod touch" href="https://itunes.apple.com/app/id510296984" onclick="_gaq.push(['_trackPageview', '/outbound/ios']);">iPhone / iPad<img class="popup" src="img/ios.png" /></a> |
<a title="Mac (graphical interface)" href="https://itunes.apple.com/app/id662763204" onclick="_gaq.push(['_trackPageview', '/outbound/gui/mac']);">Mac<img class="popup border" src="img/mac-gui.png" /></a> |
<a title="Mac, Linux, UNIX, Windows (graphical interface)" href="https://ssl.masterpasswordapp.com/masterpassword-gui.jar" onclick="_gaq.push(['_trackPageview', '/outbound/gui/java']);">Desktop (Java)<img class="popup" src="img/java-gui.png" /></a> |
Terminal (<a title="Mac, Linux, POSIX (command line interface)" href="https://ssl.masterpasswordapp.com/masterpassword-cli.tar.gz" onclick="_gaq.push(['_trackPageview', '/outbound/cli/c']);">Native C<img class="popup" src="img/c-cli.png" /></a>) |
<a title="Android" href="https://ssl.masterpasswordapp.com/masterpassword-android.apk" onclick="_gaq.push(['_trackPageview', '/outbound/android']);">Android (Beta)<img class="popup" src="img/android.png" /></a> |
<a title="JavaScript" href="https://js.masterpasswordapp.com/" onclick="_gaq.push(['_trackPageview', '/outbound/js']);">Web (Beta)<img class="popup border" src="img/web.png" /></a>
</h4>
</section>
<section><div class="content">
<div class="thumb clearfix">
<img class="pull-right" src="img/thumb-iphone-broken.png" />
<h1>Nothing To Lose</h1>
<p><strong>Master Password is <em>different</em></strong>: it is based on an ingenious password generation algorithm that guarantees your passwords <em>can never be lost</em>.</p>
<p>While password managers generally save your passwords in an encrypted vault or upload them to the cloud for safe-keeping, they make you dependent on syncing, backups or Internet access.</p>
<p>Master Password has none of these downsides. Its passwords aren't stored: they are <b>generated on-demand</b> from your name, the site and your master password; <em>even on a brand-new iPhone</em> without restoring any backups or Internet access.</p>
</div>
<div class="thumb clearfix">
<img class="pull-left" src="img/thumb-iphone-pw.png" />
<h1>Nothing To Intercept</h1>
<p>Master Password is based on a stateless algorithm which frees it from the reliance on storage of secrets.</p>
<p>Since your generated passwords aren't saved to your device, there is <strong>no risk you'll be forced to divulge them to aggressive peers</strong>. And since these passwords don't need to be backed up or synchronized between devices over the network, there is <strong>no risk of them getting intercepted</strong>.</p>
<p>Finally, Master Password is <a href="https://github.com/Lyndir/MasterPassword/" onclick="_gaq.push(['_trackPageview', '/outbound/github']);">free software (GPLv3)</a>, its algorithm <a href="/algorithm.html">extensively documented</a> and does not require you to trust any external party. This is particularly interesting in a society where things like <a href="http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data"
onclick="_gaq.push(['_trackPageview', '/outbound/prism']);">PRISM</a> and <a href="http://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email" onclick="_gaq.push(['_trackPageview', '/outbound/gag']);">gag orders</a> are a real threat.</p>
</div>
<div class="thumb clearfix">
<img class="pull-right" src="img/thumb-iphone-mac-sync.png" />
<h1>Always In Sync</h1>
<p>Contrary to other password solutions, Master Password <strong>doesn't need to send your passwords over the network</strong> to make them ubiquitously available. Just add your user and site names to each of your devices and your passwords will be available instantly on all of them.</p>
<p>No cloud provider to trust, no backups to maintain and no data connection for keeping in sync. Since Master Password generates your passwords on-demand based on your user name and master password, you don't have any of these fragile dependencies. This gives you massive availability advantages, but also helps thwart man-in-the-middle attacks, snooping and trust issues related to cloud providers.</p>
</div>
<div class="thumb clearfix">
<img class="pull-left" src="img/thumb-iphone-types.png" />
<h1>For Any Purpose</h1>
<p>Master Password comes with a variety of built-in password types. These types make your site's password look different, become more secure or more compatible with a site's password policy.</p>
<p>The default password is a great balance between security, compatibility and convenience. It is designed to provide great entropy (security) whilst still being easy to manually enter or remember if needed.</p>
<p>You can generate a more secure password, or switch it to a PIN type to use for your bank card or cell phone's SIM lock.</p>
<p>Master Password also implements a hybrid solution allowing you to save custom passwords in the app. These passwords are AES encrypted using a large key derived from your master password. This grants people who are forced to use a certain password (eg. by their systems administrators) a maximally secure solution given their situational constraints.</p>
</div>
</div></section>
<footer><div class="muted content">
<p><em>Master Password is a security product and algorithm by <a href="http://www.lhunath.com" onclick="_gaq.push(['_trackPageview', '/outbound/lhunath']);">Maarten Billemont</a>, <a href="http://www.lyndir.com" onclick="_gaq.push(['_trackPageview', '/outbound/lyndir']);">Lyndir</a> (© 2011-2014).</em><br>Usage implies agreement with our <a href="privacy.html">privacy policy and disclaimer</a>.</p>
<p><a href="http://gorillas.lyndir.com" onclick="_gaq.push(['_trackPageview', '/outbound/gorillas']);">Gorillas</a> ● <a href="http://deblock.lyndir.com" onclick="_gaq.push(['_trackPageview', '/outbound/deblock']);">DeBlock</a> ● <a href="https://github.com/Lyndir" onclick="_gaq.push(['_trackPageview', '/outbound/github']);">GitHub</a> ● <a href="http://thanks.lhunath.com" onclick="_gaq.push(['_trackPageview', '/outbound/thanks']);">Send Thanks</a></p>
</div></footer>
<!-- Scripts -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script>window.jQuery || document.write('<script src="js/vendor/jquery-1.9.1.min.js"><\/script>')</script>
<script src="js/vendor/bootstrap.min.js"></script>
<script src="js/plugins.js?1"></script>
<script src="js/main.js?1"></script>
<!-- Internet Defense League -->
<script type="text/javascript">
window._idl = {};
_idl.variant = "modal";
(function() {
var idl = document.createElement('script');
idl.type = 'text/javascript';
idl.async = true;
idl.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + 'members.internetdefenseleague.org/include/?url=' + (_idl.url || '') + '&campaign=' + (_idl.campaign || '') + '&variant=' + (_idl.variant || 'banner');
document.getElementsByTagName('body')[0].appendChild(idl);
})();
</script>
<!-- Google Analytics -->
<script>
var _gaq=[['_setAccount','UA-90535-15'],['_trackPageview']];
(function(d,t){var g=d.createElement(t),s=d.getElementsByTagName(t)[0];
g.src=('https:'==location.protocol?'//ssl':'//www')+'.google-analytics.com/ga.js';
s.parentNode.insertBefore(g,s)}(document,'script'));
</script>
<!-- Google +1 -->
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<!-- Tender -->
<script src="https://masterpassword.tenderapp.com/tender_widget.js" type="text/javascript"></script>
</body>
</html>