Why should I use passacre?

The simple reason is that passacre is an easy way of having a different password for every site.

In short, there is no reason to trust the security of any site you visit. Whether due to negligence or malice, passwords may be stolen or revealed. Because of this, it’s extremely important to not reuse passwords. Passacre’s generated passwords are unique for every site.

What makes passacre secure?

The main security advantage of passacre is that passwords are generated on-the-fly. The inputs required to produce a password are not persisted; the master password must be typed in each time, and there is no option to save it. YubiKeys, if used with passacre, must also be present at generation time, and their output is never saved either.

While passacre does persist certain data, the data persisted are either secured or are effectively already public information.

Passacre’s security is also contingent on the security of Keccak and Skein. Both have already been given much public scrutiny, as they were both final-round contenders for becoming the SHA-3 function.

In order to make it more difficult to derive master passwords from generated passwords, passacre is also tunably slow. Legitimate users are usually not inconvenienced when password generation takes a second, while this makes an attacker’s task take significantly longer.

What data does passacre persist?

The only data that passacre persists related to your password are:

  • The schema used for turning the raw generated bytes into a password. This is normally public information about a site anyway.
  • The names of each site with configuration options set. Since this is potentially sensitive information, site hashing is an option passacre provides.
  • The number of `iterations`_ used when generating the password. By itself, this number is meaningless and should not be considered a secret; an attacker still needs the master password in order to reconstruct your password for a site.

What makes site hashing secure?

Site hashing is a means of protecting the site names used in your passacre configuration, as passacre needs to be able to associate sites with site-specific configuration. The actual method used is passacre itself: site hashing is performed with your master password, a well-known site name, and a well-known schema. Because your master password is an input, no two users will have the same hash result for the same site name.

What happens if someone learns one of my generated passwords?

Due to the one-way nature of the secure hash, even if an attacker learns one of your generated passwords, it’s not trivially possible to recover the master password used. The difficulty of recovering the master password is proportional to the number of `iterations`_ used when generating the password, as increasing the number of iterations will make generating a password take longer. Since the only thing an attacker can do is attempt to brute-force the master password, making password generation take longer slows down the overall brute-force attempt. But, note that this is not a replacement for choosing a secure master password.

However, if a generated password is compromised, you most likely want to generate a new password for the same site. This is done easily by setting the `increment`_ on the site. For example:

# generate the password to log in to the site
passacre generate compromised.example.com
# adjust the increment, assuming it was 0 before
passacre site config compromised.example.com increment 1
# generate the new password for the password change form
passacre generate compromised.example.com