High Security

Keep your passwords protected

Your security at the heart of passwd.one

“Passwd.one was started many years ago as a convinient way to store my own passwords.”

For this reason, we try to implements the best practices to keep your data private.

Key Derivation Function

We use a powerful key derivation function (Lyra2), associated with salt and pepper values, in order to keep your your master password perfectly secure.

Browser based encryption

We implemented all our algorithms for javascript, your password are encrypted and decrypted in your browser. We will never be able to decrypt your data.

Master password

Your password to log in must be strong and unique. We never store this master password, and we have no way to find it or to unlock your account if you lose it. That way, the confidentiality of your information cannot be compromised.

Your unique encrytion key

Your master password and your email are used to generate three different things, unique to your account: a “fingerprint” for logging in, the encryption key for all your data, and part of the seed for generating new passwords. Since your encryption key is generated using your secret password, no one can decrypt your stored passwords.

Everything is encrypted

Your passwords are encrypted, but also your logins, your websites, and comments. Also, we use random initialization vectors for each field to encrypt. Hence, even if you use the same data (e.g., same login) on different site, the encrypted values are entirely different.

Database encryption

All your personal information we need to process your payments, like your name, address, credit card information is also strongly encrypted. Even in the unlikely event of a hack of our database, everything in it is gibberish without the decryption keys.