44911f1d9e
[FIXED] Immediately open the application on the password entry view if the key is forgotten instead of revealing the internals in a blink. [FIXED] Clean up the UI better when switching between master passwords. [ADDED] Ask spelling confirmation when a master password is used that doesn't have any known sites yet. [ADDED] iPad HD quality icon. [IMPROVED] Artworks re-generated, downscale improved, convertImages improved. [IMPROVED] Small guide text improvements. [UPDATED] Help texts updated for current operation and UI.
301 lines
16 KiB
HTML
301 lines
16 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<head>
|
|
<style>
|
|
body {
|
|
color: white;
|
|
text-align: center;
|
|
text-shadow: 0 1px black;
|
|
font: 16px "Baskerville";
|
|
}
|
|
h1, h2 {
|
|
margin-top: 1.5em;
|
|
padding-top: 1em;
|
|
font-family: inherit;
|
|
font-weight: bold;
|
|
}
|
|
h2 {
|
|
font-size: inherit;
|
|
}
|
|
h3 {
|
|
padding-top: 1.5em;
|
|
font-size: 12px;
|
|
}
|
|
i {
|
|
font-weight: bold;
|
|
}
|
|
q {
|
|
font-style: italic;
|
|
}
|
|
img {
|
|
display: inline-block;
|
|
height: 1.4em;
|
|
margin: -0.2em 0;
|
|
vertical-align: middle;
|
|
}
|
|
a, a:link {
|
|
color: inherit;
|
|
font-weight: bold;
|
|
}
|
|
header {
|
|
height: 8em;
|
|
padding: 3em 0 0;
|
|
}
|
|
header h1, header h2 {
|
|
margin: 0;
|
|
padding: 0.5ex;
|
|
}
|
|
header h3 {
|
|
padding-top: 2em;
|
|
}
|
|
</style>
|
|
<script src="jquery-1.6.1.min.js" type="text/javascript"></script>
|
|
<script type="text/javascript">
|
|
function setClass(activeClass) {
|
|
$(".Class").css("display", "none");
|
|
if (!$(".Class." + activeClass).length)
|
|
return "Not found: " + activeClass;
|
|
|
|
$(".Class." + activeClass).css("display", "block");
|
|
}
|
|
</script>
|
|
</head>
|
|
<body>
|
|
<header>
|
|
<h1>Master Password</h1>
|
|
<h2>by <a href="http://www.lyndir.com">Lyndir</a></h2>
|
|
<h3>© 2011</h3>
|
|
</header>
|
|
|
|
<h2 id="1">— 1 —</h2>
|
|
<p>
|
|
<b>Find the site</b> that you need a password for by entering its name into the <i>search field</i>.
|
|
</p>
|
|
<p>
|
|
<b>While searching</b>, the names of previously used sites will be listed.<br />
|
|
Tap one of these results to go straight to its password.
|
|
</p>
|
|
|
|
<h2 id="2">— 2 —</h2>
|
|
<p>
|
|
<b>The site</b>'s password is now displayed.<br />
|
|
Tap it to <i>copy the password</i>. Once copied, you can switch to another application and paste it into a password field.
|
|
</p>
|
|
|
|
<p class="Class MPElementStoredEntity">
|
|
<b>To change</b> the password for this site, tap the <i>edit icon</i> <img src="icon_edit.png" />.
|
|
</p>
|
|
|
|
<p>
|
|
<b>Below the password</b> you can set the <i>password type</i>. Some types <i>create a password for you</i>,
|
|
others let you <i>choose your own</i>.
|
|
</p>
|
|
|
|
<p class="Class MPElementGeneratedEntity">
|
|
<b>If the site complains</b> when you try to set or update the password, try changing the password type.
|
|
</p>
|
|
<p class="Class MPElementGeneratedEntity">
|
|
<b>To create a new</b> password for this site, you can increment the <i>password counter</i> <img src="icon_plus.png" />.
|
|
This is useful, for example, after you've had to share the password with somebody else.
|
|
</p>
|
|
|
|
<h2 id="faq">— F.A.Q. —</h2>
|
|
|
|
<h3>What is this thing?<br />
|
|
How do I use it?</h3>
|
|
<p>
|
|
<b>Begin by entering the name</b> of the thing you want a password for. Naming is entirely up to you, but remember to be consistent.<br />
|
|
<i>Good names</i> could be:<br />
|
|
<code>apple.com</code>, <code>john@doe.com</code>, <code>office safe</code>, <code>bike lock</code>, etc.
|
|
</p>
|
|
<p>
|
|
Every name has a different password, so the following names may be <i>difficult to recall</i>:<br />
|
|
<code>pw for amazon</code>, <code>pin for my cell</code>, etc.
|
|
</p>
|
|
<p>
|
|
<b>Tap the resulting password</b> to copy it for pasting in a different application or read it to type it in or use it manually elsewhere.
|
|
</p>
|
|
<p>
|
|
The thought behind this application is to secure your online (and offline) life by <b>changing all of your passwords</b>
|
|
to passwords generated by this app.
|
|
</p>
|
|
|
|
<h3>That's crazy talk.<br />
|
|
Why would I do that?</h3>
|
|
<p>
|
|
The theory of password authentication is simple: To log in to a site, you share a secret word with the site
|
|
that <b>only you and the site know</b>. Since nobody else knows your secret password, nobody else can log
|
|
into your account.
|
|
</p>
|
|
<p>
|
|
It sounds good in theory. In practice, it's an <b>absolute hell</b>. These days, people have hundreds of
|
|
accounts on sites all over the Internet. Does that mean we're all remembering hundreds of secret passwords?
|
|
No, of course not. That would be impossible. If you're like most people, you remember one or two
|
|
passwords, and use those for all your sites everywhere.
|
|
</p>
|
|
<p>
|
|
<q>So, what?</q>, you might say.<br />
|
|
Here's the problem: When you share a secret password with a site, and then share the same secret password
|
|
with another site, both sites can now use the password you gave them to log into your account on the
|
|
<i>other</i> site. Nothing is stopping them from trying to log into <i>your</i> GMail, Hotmail or Twitter
|
|
accounts using the same password that you used to register an account on their site. Even if you only give
|
|
your password to sites you trust, all it takes is for one of those sites to get hacked and lose their
|
|
passwords database. Those hackers now have all it takes to impersonate you. This is, in fact, so common,
|
|
that it's one of the main reasons people's accounts are getting hacked nowadays.
|
|
</p>
|
|
<p>
|
|
Some of you already try to remember unique-ish passwords for different sites. This causes problems too:
|
|
with so many passwords to remember, you easily forget passwords for sites you haven't used in a while. Or
|
|
you make up a simplification algorithm such as tacking your birth year onto the site name. This is really
|
|
not any more secure than using the same password for every site. And then there's those sites with
|
|
<q>password policies</q>: suddenly your long password isn't good enough, because it begins with a number,
|
|
or because (god forbid) it's <q>too long</q>. You now find yourself forced to create a strange variant
|
|
of your password that you'll have forgotten before the day is out.
|
|
</p>
|
|
<p>
|
|
This app <b>solves the problem</b> by letting you remember only a single password without requiring you to
|
|
share the password with anyone else. Instead, the app creates secure passwords for use with whatever site
|
|
or purpose you might need a password for.
|
|
</p>
|
|
|
|
<h3>I can't change all my passwords.<br />
|
|
Some of them were assigned to me.</h3>
|
|
<p>
|
|
That's why this application allows you to change the password type to <code>Personal</code> or <code>Device
|
|
Private</code>. These types let you enter a password for a site, and the app will encrypt and save it so
|
|
you it's there for future reference.
|
|
</p>
|
|
<p>
|
|
These types of <q>stored</q> passwords don't have all the advantages that their generated counterparts have
|
|
(they can be lost if you lose your device and don't back it up), but when you can't change a site's
|
|
password to one generated by the app, this is as good as it gets.
|
|
</p>
|
|
|
|
<h3>So, what if I lose my device?<br />
|
|
I'm locked out of everything?</h3>
|
|
<p>
|
|
<b>Absolutely not!</b> In fact, generated passwords aren't even stored on your device. No, not in the
|
|
cloud either. They're not stored anywhere! What that basically means is, if you grab the iPhone of a
|
|
colleague or friend and open this app on it with your own master password, <i>it'll give you all your
|
|
generated passwords</i> (don't worry, it's perfectly safe). So, if you lose your iPhone or forget it,
|
|
just open the app on your iPad, or borrow a friend's phone, and you're back in business. No backups or
|
|
restores needed.
|
|
</p>
|
|
<p>
|
|
This also means that, unlike all those apps that store your passwords or send them off to be stored on the
|
|
Internet, this app makes your passwords much safer from theft. If your device is stolen, the thieves can't
|
|
get at your passwords. There's also no cloud service that can be mis-managed or hacked.
|
|
</p>
|
|
|
|
<h3>Great, but that still means I need my phone to get my passwords.</h3>
|
|
<p>
|
|
Correct. However, remember that usually you'll only need to use this app once for each site. After you log
|
|
into a site once using the password generated by this app, your browser will probably ask you to remember
|
|
the password for the future. Agree to that, and you won't need to bring up your phone again the next time
|
|
you log in to the account.
|
|
</p>
|
|
<p>
|
|
There is also a <b>Mac version</b> of Master Password available from the App Store. It allows you to
|
|
generate any of your passwords without even needing to take out your phone.
|
|
</p>
|
|
|
|
<h3>I'm paranoid.<br />
|
|
How do I maximize my security?</h3>
|
|
<p>
|
|
For starters, make sure you've changed the passwords of all your sites you have accounts for to those
|
|
generated by this app and make sure that you use this app when registering a new account somewhere, to
|
|
determine the password to use for the account.
|
|
</p>
|
|
<p>
|
|
It's also important that you've chosen a long master password. Short master passwords, especially 4-digit
|
|
PIN codes, are trivial to guess by attackers. Using a <b>10-character master password</b> provides
|
|
sufficient entropy to protect against any modern-day attempt at brute-forcing, assuming the password is not
|
|
based on easily determined facts (names, birth dates, etc.). A better idea yet is to use a pass phrase,
|
|
ideally an absurd sentence. These are usually much easier to remember and much harder to guess by attackers.
|
|
If you're really paranoid, install a keyboard of a non-latin script (russian, chinese, ...) and create a
|
|
master password using these characters or even a mix between scripts.<br />
|
|
<b>Just don't forget it!</b> :-)
|
|
</p>
|
|
<p>
|
|
Using the action icon on the top right, select <code>Settings</code> to find some advanced settings for
|
|
the application. Here, you can disable <code>Remember my password</code>. Doing so will force the
|
|
application to ask for your master password each time you open it. That way, when you show your
|
|
phone to somebody else after unlocking it, they can't go through your passwords.
|
|
</p>
|
|
|
|
<h3>I forgot my master password. What are my options?</h3>
|
|
<p>
|
|
Due to the nature of this app's algorithms and the decisions that were made to protect against brute-force
|
|
attacks, it is simply infeasible to recover your master password. If you really can't remember it, your
|
|
passwords are <b>gone</b>.
|
|
</p>
|
|
<p>
|
|
Where you go from here is, you log in with a new master password, and for each of your accounts, you go
|
|
through the password recovery procedure (which will usually involve sending a message to your email account)
|
|
and reset the passwords of these accounts to passwords generated by your newly chosen master password.<br />
|
|
Just don't forget it again! :-)
|
|
</p>
|
|
|
|
<h3>So how does this thing work internally?</h3>
|
|
<p>
|
|
The way Master Password works internally is <i>fully disclosed</i>. The source code for this application
|
|
is also available from <b>GitHub</i>. I invite anyone with a technical background to go through these
|
|
resources to make certain of the trustworthyness of Master Password.
|
|
</p>
|
|
<p>
|
|
This part will likely make sense to you only if you're well versed in computer security jargon. If you're
|
|
the kind of person who likes to know how the clock ticks before deciding that it can be trusted to keep
|
|
ticking, read on.
|
|
</p>
|
|
<p>
|
|
The user chooses a single master password, preferably sufficiently long to harden against brute-force
|
|
attacks. The application then creates a scrypt key derivative from the user's password. This process
|
|
takes quite a bit of processing time and memory. It makes brute-forcing the master password
|
|
<b>far more difficult</b>, to practically infeasible, even for otherwise vulnerable password strings.
|
|
</p>
|
|
<p>
|
|
When the user requests a password be generated for a site, the application composes a byte buffer
|
|
consisting of the site's name (<code>UTF-8</code> encoded), the key derived from the master password,
|
|
and a password counter, delimited in that order by a NUL byte. The bytes are hashed using the
|
|
<code>SHA-1</code> algorithm. The bytes resulting from this hashing operation are called the
|
|
<code>seed</code> in the next steps.
|
|
</p>
|
|
<p>
|
|
Next, we need the password type that the user has chosen to use for the site. Password types determine the
|
|
<q>cipher</q> that will be used to encrypt <code>seed</code> into a readable password. For
|
|
instance, the standard password type <q>Long Password</q> activates one of three pre-set ciphers:
|
|
<code>CvcvCvcvnoCvcv</code>, <code>CvcvnoCvcvCvcv</code> or <code>CvcvCvcvCvcvno</code>. Which of those
|
|
will be used, depends on the first of the <code>seed</code> bytes. Take the byte value modulo the amount of
|
|
pre-set ciphers (in this case, three), and the result tells you which of the three ciphers to use.
|
|
</p>
|
|
<p>
|
|
Now that we know what cipher to use for building our final password, all that's left is to iterate the
|
|
cipher, and produce a character of password output for each step. When you iterate the cipher, every
|
|
character in the cipher represents a set of possible output characters. For instance, a <code>C</code>
|
|
character in the cipher indicates that we need to choose a capital consonant character. An <code>o</code>
|
|
character in the cipher indicates that we need to choose an <q>other</q> (symbol) character. Exactly which
|
|
character to choose in that set for the password output depends on the next byte from <code>seed</code> bytes.
|
|
Like before, take the next unused <code>seed</code> byte's byte value modulo the amount of characters in the
|
|
set of possible output characters for the cipher iteration and use the result to choose the output
|
|
character. Repeat until you've iterated the whole cipher.
|
|
</p>
|
|
<p>
|
|
The result is a password whose format is dictated by the password type's ciphers and whose exact value is
|
|
filled in by feeding the algorithm some bytes from a hash operation on the user's givens.
|
|
</p>
|
|
|
|
<h3>This stuff is gold.<br />
|
|
I want one branded for our company.</h3>
|
|
<p>
|
|
Contact me directly for enterprise inquiries. I can provide branded clients and enterprise distribution
|
|
if your company is interested in deploying this solution internally.
|
|
</p>
|
|
|
|
<footer>
|
|
<a href="http://masterpassword.lyndir.com">Homepage</a> | <a href="http://www.lyndir.com">Lyndir</a> |
|
|
<a href="http://www.lyndir.com/contact">Contact</a>
|
|
</footer>
|
|
|
|
</body>
|
|
</html>
|