283 lines
15 KiB
HTML
283 lines
15 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<head>
|
|
<style>
|
|
body {
|
|
color: white;
|
|
text-align: center;
|
|
text-shadow: 0 1px black;
|
|
font: 16px "Baskerville";
|
|
}
|
|
h1, h2 {
|
|
margin-top: 1.5em;
|
|
padding-top: 1em;
|
|
font-family: inherit;
|
|
font-weight: bold;
|
|
}
|
|
h2 {
|
|
font-size: inherit;
|
|
}
|
|
h3 {
|
|
font-size: 12px;
|
|
}
|
|
i {
|
|
font-weight: bold;
|
|
}
|
|
q {
|
|
font-style: italic;
|
|
}
|
|
img {
|
|
display: inline-block;
|
|
height: 1.4em;
|
|
margin: -0.2em 0;
|
|
vertical-align: middle;
|
|
}
|
|
a, a:link {
|
|
color: inherit;
|
|
font-weight: bold;
|
|
}
|
|
header {
|
|
height: 8em;
|
|
padding: 3em 0 0;
|
|
}
|
|
header h1, header h2 {
|
|
margin: 0;
|
|
padding: 0.5ex;
|
|
}
|
|
header h3 {
|
|
padding-top: 2em;
|
|
}
|
|
</style>
|
|
<script src="jquery-1.6.1.min.js" type="text/javascript"></script>
|
|
<script type="text/javascript">
|
|
function setClass(activeClass) {
|
|
$(".Class").css("display", "none");
|
|
if (!$(".Class." + activeClass).length)
|
|
return "Not found: " + activeClass;
|
|
|
|
$(".Class." + activeClass).css("display", "block");
|
|
}
|
|
</script>
|
|
</head>
|
|
<body>
|
|
<header>
|
|
<h1>Master Password</h1>
|
|
<h2>by <a href="http://www.lyndir.com">Lyndir</a></h2>
|
|
<h3>© 2011</h3>
|
|
</header>
|
|
|
|
<h2 id="1">— 1 —</h2>
|
|
<p>
|
|
<b>Find the site</b> that you need a password for by entering it into the <i>search field</i>.
|
|
</p>
|
|
<p>
|
|
<b>While searching</b>, previously used sites will show up along with a <i>usage counter</i>.<br />
|
|
The counter indicates the amount of times you've generated a password for that site.
|
|
</p>
|
|
|
|
<h2 id="2">— 2 —</h2>
|
|
<p>
|
|
<b>The site</b>'s password is now displayed.<br />
|
|
Tap it to <i>copy the password</i>. Once copied, you can switch to another application and paste it into a password field.
|
|
</p>
|
|
|
|
<p class="Class MPElementStoredEntity">
|
|
<b>To change</b> the password for this site, tap the <i>edit icon</i> <img src="icon_edit.png" />.
|
|
</p>
|
|
<p>
|
|
<b>Below the password</b> you can set the <i>password type</i>. Some types <i>create a password for you</i>,
|
|
others let you <i>choose your own</i>.
|
|
</p>
|
|
<p class="Class MPElementGeneratedEntity">
|
|
<b>If the site complains</b> when you try to set or update the password, try changing the password type.
|
|
</p>
|
|
|
|
<p class="Class MPElementGeneratedEntity">
|
|
<b>To create another</b> password for this site, you can increment the <i>password counter</i> <img src="icon_plus.png" />.
|
|
This is useful, for example, when you've had to share the password with somebody else.
|
|
</p>
|
|
|
|
<h2 id="faq">— F.A.Q. —</h2>
|
|
|
|
<h3>What is this thing?<br />
|
|
How do I use it?</h3>
|
|
<p>
|
|
You use it by searching for the name of your site (you choose this yourself. For Twitter, you could use
|
|
<code>twitter</code>, <code>twitter.com</code>, or something else entirely as the name. Just remember how
|
|
you name your sites and try to be consistent). Tap the resulting password to copy it for pasting elsewhere
|
|
or type it manually on your computer.
|
|
</p>
|
|
<p>
|
|
The thought behind this application is to secure your online life by <b>changing all of your passwords</b>
|
|
to passwords generated by this app.
|
|
</p>
|
|
|
|
<h3>That's crazy talk.<br />
|
|
Why would I do that?</h3>
|
|
<p>
|
|
The theory of password authentication is simple: To log in to a site, you share a secret word with the site
|
|
that <b>only you and the site know</b>. Because nobody else knows your secret password, nobody else can log
|
|
into your site.
|
|
</p>
|
|
<p>
|
|
It sounds good in theory. In practice, it's an <b>absolute hell</b>. These days, people have hundreds of
|
|
accounts on sites all over the Internet. Does that mean we're all remembering hundreds of secret passwords?
|
|
No, of course not. That would be impossible. If you're like most people, you remember one or two
|
|
passwords, and use those for all your sites everywhere.
|
|
</p>
|
|
<p>
|
|
<q>So, what?</q>, you might say.<br />
|
|
Here's the problem: When you share a secret password with a site, and then share the same secret password
|
|
with another site, both sites can now use the password you gave them to log into your account on the
|
|
<i>other</i> site. Nothing is stopping them from trying to log into <i>your</i> GMail, Hotmail or Twitter
|
|
accounts using the same password that you used to register an account on their site. Even if you only give
|
|
your password to sites you trust, all it takes is for one of those sites to get hacked and loose their
|
|
passwords database. Those hackers now have all it takes to impersonate you. This is, in fact, so common,
|
|
that it's one of the main reasons people's accounts are getting hacked nowadays.
|
|
</p>
|
|
<p>
|
|
Some of you already try to remember unique-ish passwords for different sites. This causes problems too:
|
|
with so many passwords to remember, you easily forget passwords for sites you haven't used in a while. Or
|
|
you make up a simplification algorithm such as tacking your birth year onto the site name. This is really
|
|
not any more secure than using the same password for every site. And then there's those sites with
|
|
<q>password policies</q>: suddenly your long password isn't good enough, because it begins with a number,
|
|
or because (god forbid) it's <q>too long</q>. You now find yourself forced to create a strange variant
|
|
of your password that you'll have forgotten before the day is out.
|
|
</p>
|
|
<p>
|
|
This app <b>solves the problem</b> by letting you remember only a single password without requiring you to
|
|
share the password with anyone else. Instead, the app creates secure passwords for use with whatever site
|
|
or purpose you might need a password for.
|
|
</p>
|
|
|
|
<h3>I can't change all my passwords.<br />
|
|
Some of them were assigned to me.</h3>
|
|
<p>
|
|
That's why this application allows you to change the password type to <code>Personal</code> or <code>Device
|
|
Private</code>. These types let you enter a password for a site, and the app will encrypt and save it so
|
|
you it's there for future reference.
|
|
</p>
|
|
<p>
|
|
These types of <q>stored</q> passwords don't have all the advantages that their generated counterparts have
|
|
(they can be lost if you loose your device and don't back it up), but when you can't change a site's
|
|
password to one generated by the app, this is as good as it gets.
|
|
</p>
|
|
|
|
<h3>So, what if I loose my device?<br />
|
|
I'm locked out of everything?</h3>
|
|
<p>
|
|
<b>Absolutely not!</b> In fact, generated passwords aren't even stored on your device. No, not in the
|
|
cloud either. They're not stored anywhere! What that basically means is, if you grab the iPhone of a
|
|
colleague or friend and open this app on it with your own master password, <i>it'll give you all your
|
|
generated passwords</i> (don't worry, it's perfectly safe). So, if you loose your iPhone or forget it,
|
|
just open the app on your iPad, or borrow a friend's phone, and you're back in business. No backups or
|
|
restores needed.
|
|
</p>
|
|
<p>
|
|
This also means that, unlike all those apps that store your passwords or send them off to be stored on the
|
|
Internet, this app makes your passwords much safer from theft. If your device is stolen, the thieves can't
|
|
get at your passwords. There's also no cloud service that can be mis-managed or hacked.
|
|
</p>
|
|
|
|
<h3>Great, but that still means I need my phone to get my passwords.</h3>
|
|
<p>
|
|
Correct. However, remember that usually you'll only need to use this app once for each site. After you log
|
|
into a site once using the password generated by this app, your browser will probably ask you to remember
|
|
the password for the future. Agree to that, and you won't need to bring up your phone again the next time
|
|
you log in to the account.
|
|
</p>
|
|
<p>
|
|
A <b>Mac version</b> of this app is also in the works so that you can easily get to all of your passwords
|
|
without needing to bring up your phone. More technically savvy users can already download a <b>Bash
|
|
script</b> from the homepage that can generate these passwords for you on any POSIX system (such as your
|
|
Mac).
|
|
</p>
|
|
|
|
<h3>I'm paranoid.<br />
|
|
How do I maximize my security?</h3>
|
|
<p>
|
|
For starters, make sure you've changed the passwords of all your sites you have accounts for to those
|
|
generated by this app and make sure that you use this app when registering a new account somewhere, to
|
|
determine the password to use for the account.
|
|
</p>
|
|
<p>
|
|
It's also important that you've chosen a long master password. Short master passwords, especially 4-digit
|
|
PIN codes, are easily brute-forced by attackers. Using a <b>12-character master password</b> provides
|
|
sufficient entropy to protect against any modern-day attempt at brute-forcing, assuming the password is not
|
|
based on easily determined facts (names, birth dates, etc.). If you're really paranoid, install a keyboard
|
|
of a non-latin script (russian, chinese, ...) and create a master password using these characters or even a
|
|
mix between scripts. Just don't forget it! :-)
|
|
</p>
|
|
<p>
|
|
If you go into <code>Settings</code>, on the bottom you'll find an entry for this application; tap it to
|
|
find some advanced settings for the app. Here, you can disable <code>Remember my password</code>. Doing
|
|
so will force the app to ask for your master password each time you open it. That way, when you show your
|
|
phone to somebody else after unlocking it, they can't go through your passwords.
|
|
</p>
|
|
|
|
<h3>I forgot my master password. What are my options?</h3>
|
|
<p>
|
|
Due to the nature of this app's algorithms and the decisions that were made to protect against brute-force
|
|
attacks, it is simply infeasible to recover your master password. If you really can't remember it, your
|
|
passwords are <b>gone</b>.
|
|
</p>
|
|
<p>
|
|
Where you go from here is, you change your master password (In <code>Settings</code>, flip <code>Change my
|
|
password</code> and start the app again), and for each of your accounts, you go through the password
|
|
recovery procedure (which will usually involve sending a message to your E-Mail account) and reset the
|
|
passwords of these accounts to passwords generated by your newly chosen master password. Just don't forget
|
|
it again! :-)
|
|
</p>
|
|
|
|
<h3>So how does this thing work internally?</h3>
|
|
<p>
|
|
Alright, let's describe the process in detail. This part will likely make sense to you only if you're
|
|
well versed in computer security jargon. If you're the kind of person who likes to know how the clock
|
|
ticks before deciding that it can be trusted to keep ticking, read on.
|
|
</p>
|
|
<p>
|
|
The user chooses a single master password, preferably sufficiently long to harden against brute-force
|
|
attacks. When the user requests a password be generated for a site, the application composes a string
|
|
consisting of the site name, the master password, and a password counter, delimited in that order by a dash
|
|
character, and hashes those <code>UTF-8</code> bytes using the <code>SHA-1</code> algorithm. The bytes
|
|
resulting from this hashing operation are called the <code>keyBytes</code> in the next steps.
|
|
</p>
|
|
<p>
|
|
Next, we need the password type that the user has chosen to use for the site. Password types determine the
|
|
<q>cipher</q> that will be used to encrypt <code>keyBytes</code> into a readable password. For
|
|
instance, the standard password type <q>Long Password</q> activates one of three pre-set ciphers:
|
|
<code>CvcvCvcvnoCvcv</code>, <code>CvcvnoCvcvCvcv</code> or <code>CvcvCvcvCvcvno</code>. Which of those
|
|
will be used, depends on the first of the <code>keyBytes</code>. Take the byte value modulo the amount of
|
|
pre-set ciphers (in this case, three), and the result tells you which of the three ciphers to use.
|
|
</p>
|
|
<p>
|
|
Now that we know what cipher to use for building our final password, all that's left is to iterate the
|
|
cipher, and produce a character of password output for each step. When you iterate the cipher, every
|
|
character in the cipher represents a set of possible output characters. For instance, a <code>C</code>
|
|
character in the cipher indicates that we need to choose a capital consonant character. An <code>o</code>
|
|
character in the cipher indicates that we need to choose an <q>other</q> (symbol) character. Exactly which
|
|
character to choose in that set for the password output depends on the next byte from <code>keyBytes</code>.
|
|
Like before, take the next unused <code>keyByte</code>'s byte value modulo the amount of characters in the
|
|
set of possible output characters for the cipher iteration and use the result to choose the output
|
|
character. Repeat until you've iterated the whole cipher.
|
|
</p>
|
|
<p>
|
|
The result is a password whose format is dictated by the password type's ciphers and whose exact value is
|
|
filled in by feeding the algorithm some bytes from a hash operation on the user's givens.
|
|
</p>
|
|
|
|
<h3>This stuff is gold.<br />
|
|
I want one branded for our company.</h3>
|
|
<p>
|
|
Contact me directly for enterprise inquiries. I can provide branded clients and enterprise distribution
|
|
if your company is interested in deploying this solution internally.
|
|
</p>
|
|
|
|
<footer>
|
|
<a href="http://masterpassword.lyndir.com">Homepage</a> | <a href="http://www.lyndir.com">Lyndir</a> |
|
|
<a href="http://www.lyndir.com/contact">Contact</a>
|
|
</footer>
|
|
|
|
</body>
|
|
</html>
|