"Master Password is a stateless password generator. It doesn't store, collect or transmit any secrets. It makes them ubiquitously available, on-demand, depends on nothing but your private master password, and is fully open source.How Does It Work?
The user is expected to remember the following information:
In practice, the secret master password is the only extra thing users will actually need to remember. Their full name, they'll hopefully remember regardless. If the site is always named after the bare domain name, it needn't explicitly be remembered but can be found in the browser's address bar. The counter and type need only be remembered if they are changed from their default values."
- Their full name (eg. Robert Lee Mitchell):
This is a salt for the master key generation.- Their personal master password (eg. pink fluffy door frame):
This is the secret for the master key generation.- The site name (eg. apple.com):
The user chooses a name for each site. The bare domain name is an ideal choice.- The site's password counter (default: 0):
This is an integer that can be incremented when the user needs a new password for the site.- The site's password type (default: Long Password):
This type determines the format of the output password. It can be changed if the site's password policy does not accept passwords of this format.
/misc | Jun 26, 2015