Calculated Passwords

The practical way to password security

User Guide


Overview

Calculated Passwords allows you to convert the same master password, such as crisantem1356incharlston, into any number of strong passwords. For example, it can derive the following three passwords for online use with Bank of America, Amazon.com, and Chase, respectively, from that master password:

Target Domain   bankofamerica   amazon       chase
Password        wck13#OsB9      1)cEJ1oYIg   Y%u1RuJ1Cl

You only need to remember crisantem1356incharlston. A compromise of the Amazon.com password will not affect the other two passwords.

The domain names shown above (bankofamerica, amazon, chase) are Target Domains and are simply a part of the Web site address. Calculated Passwords prefills these values for you whenever technically possible, as shown below:

Web site                       Target Domain
http://www.bankofamerica.com   bankofamerica
http://www.amazon.com          amazon
http://www.chase.com           chase

Passphrase entry fields

The final password is determined by the Seed, the Master Passphrase, the Target Domain, and to a lesser degree by the Password policy. The Master Passphrase is what is typically called a password; the other two fields (Seed and Target Domain) are public parameters that determine the final calculated password.

  • Seed

    The Seed makes the final password unique. Your master password is very likely to be a sequence of words in your native language; the Seed is needed to make so-called dictionary attacks on your master password more difficult.

    An ideal seed is a string that uniquely identifies you as a person. For example, it can be your full name followed by your first child's name. You may further strengthen the seed with a date of birth when both names are very common.

    You may keep the same seed forever, even after you have changed your master password.

    The Seed that you enter is never stored in the clear; only its SHA-1 hash is stored.

    An example of a bad seed is the 4-digit year in which you were born.

    In addition to entering the seed as a string, you can specify an already hashed Seed. To do this, enter the hashed string as a sequence of hexadecimal bytes, for example EF3C0A243FEDD24EECEDA4949846C3E686ADB26C. Hexadecimal mode is triggered when the input contains only hexadecimal characters and the encoded Seed is at least 20 bytes (40 hexadecimal characters) long.

  • Master Passphrase

    This is the long-term secret string that only you know, and it is the only private information that you need to remember. There are no limits on how long your master passphrase can be or which characters it contains. Please choose your passphrase carefully, as it is the main foundation of the final strength of the calculated passwords.

  • Target Domain

    The Target Domain is an optional public parameter that makes the final password specific to a particular domain, such as a Web site, an encrypted file, or a corporate network.

    Let's say that, given your seed and master passphrase, you want to produce the passwords for http://www.amazon.com and http://www.BofA.com. You could simply enter the strings amazon and bofa in the target domain field. It will be impossible for Amazon.com to derive your Bank of America password from the password that you gave to Amazon.com.

    Suppose now that you want to change the password at Amazon.com. You can enter amazon01 as the domain. Your master password stays the same, but the resulting password will look completely different, and it will be impossible to derive your new Amazon.com password from the old one, even with the knowledge that you used amazon as your target domain in one case and amazon01 in the other.

  • Password policy

    This parameter determines the set of characters from which the final password is built. It is needed to comply with the password policies mandated in the environments where you want to use a password. Unfortunately, there is no single universal policy: for example, many Web sites enforce conflicting password policies, and a voice mail password may only contain digits. The Password Policy section explains the available policies.


You must never write down or store your master passphrase anywhere. For your convenience you may store your seed, target domain, and password policy information on the local computer or in your account at iGoogle.com, or bookmark it as a State Link.

Password change

The password change forced by Web sites is one of the biggest obstacles to remembering multiple passwords. Calculated Passwords greatly simplifies this task.

Most users follow a simple method to derive a new password from the expired one. For example, the password something becomes something0. This method is insecure because the result is easy to guess; in other words, it defeats the Web site's main objective in forcing the password change. An attacker knows that the password is likely to be a dictionary word with a digit at the end. Even worse, if an attacker knows the previous password, he is highly likely to know the next one.

To change the password with Calculated Passwords you keep the same master passphrase and seed, but change the target domain. For example, if you used bofa as a target domain, you can now use bofa1. This looks almost the same as the simple method mentioned above, yet it results in a dramatic difference between the old and new calculated passwords.

Privacy and persistent data

The entire calculation of the password is performed inside your browser, as you can verify yourself. In addition, the applet in floating mode cannot access the page it is floating over. This is accomplished by isolating the applet in its own HTML IFRAME; the browser's security features make it impossible for an applet in an IFRAME to see the parent page or other IFRAMEs. Likewise, a rogue page cannot see the content of the Calculated Passwords applet.

You may choose to store the public parameters that affect the final password locally (in the browser's local storage or cookies), on the iGoogle.com server, or as a bookmarked State Link, or opt never to store these parameters. When you select Local storage, the applet first attempts to use your browser's local storage feature and, if that is unavailable, the browser's cookies. When you enable a storage option, the following information may be stored:

  • Seed

    Calculated Passwords only stores the hash of the Seed. For this reason you may consider making somewhat sensitive but public information, such as your street address, part of your Seed. Note that you can use the SHA-1 hash of the Seed interchangeably with the actual seed. You can get the hashed version of the Seed in the State tab, invoked through the Options tab.

  • Target domains and their password policies

    It is quite obvious that you will use, for example, some variation of the amazon domain parameter for http://amazon.com. Thus target domains are not private information, but it is important that you remember exactly which variant of the target domain string you used. The storage options mentioned above are most helpful for this set of parameters.

    In addition, the password policy is stored with each target domain.

  • Password calculation parameters

    There is a limited number of parameters that affect each password calculation. You should choose the most secure (and therefore slowest) password derivation parameters that still give tolerable calculation speed on every device that you might use. For instance, if you don't use Calculated Passwords on mobile devices, you should select the most secure password derivation option.

When you choose the Never storage option in the Options tab, all previously stored information is cleared.

Calculated Passwords never stores any other information on any server.

Password Policy

In general, there is no single universal set of characters for a password that is suitable for every application. Some applications pose conflicting requirements: a voice mail password can only contain digits, while a corporate network may insist on additionally including letters and special characters.

Calculated Passwords allows you to choose an appropriate password policy for each target domain. Each password policy has a short abbreviated name. The format of the abbreviation is easy to understand from the following table:

Abbreviated Policy   Source character set                                         Max. strength   Recommended use
4D                   4 digits                                                     6 bits          ATM PIN
10D                  10 digits                                                    37 bits         Voice conference access number
1U1L2D               BASE64 character set; at least one uppercase letter, one     52 bits         General account password
                     lowercase letter and two digits are required
1U1L2D1S             Same as 1U1L2D, plus one special character, which cannot     54 bits         General account password
                     be the first or the last character
B                    BASE64 character set                                         126 bits        The best choice when there are no character set
                                                                                                  restrictions; the only policy suitable for an
                                                                                                  application where offline password guessing is possible

You can find additional details on each policy in the Policy tab of the applet.

The "Max. strength" column shows the resistance of the generated password against brute-force guessing. This value assumes that your master password is unpredictable, which means that the stated bit strength is the theoretical maximum strength against brute-force guessing. The values are helpful for relative comparison between password policies. For example, an ATM PIN generated using the 4D policy corresponds to the fewest bits, only 6 bits of security, and is a poor choice for a password that you use to encrypt a file.

The 1U1L2D1S policy produces passwords that the Microsoft password checker rates as at least Strong. However, please note that the B policy is given the same rating, while it should have received the maximum rating, which shows the limits of that estimate.

The implementation relies on state-of-the-art cryptographic algorithms to deliver the best security for the selected usability. The password derivation algorithm is based on an enhanced version of the OpenPGP (RFC 4880) Iterated and Salted String-to-Key algorithm. We will gladly share the security algorithms used with anybody interested.
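The following is an added, runnable illustration (not the applet's own code) of the derivation model described in the Seed, Target Domain and Password Policy sections and in the paragraph above: the Seed is hashed with SHA-1 (or accepted as an already hashed 40-hex-character value), the Seed hash and Target Domain form the public salt, a plain RFC 4880 iterated-and-salted S2K stretches the Master Passphrase, and the key stream is mapped onto the 1U1L2D1S policy, so that amazon and amazon01 give unrelated passwords. The special-character set, the iteration count, the 10-character length and the sample seed are assumptions; the real applet uses an enhanced variant the guide does not detail.

```python
import hashlib
import string

# Added illustration of the derivation model described in this guide; NOT the applet's
# code. Plain RFC 4880 S2K with SHA-1 stands in for the undocumented "enhanced" variant.
SPECIALS = "!#$%&()*+,-./:;<=>?@[]^_{|}~"                    # assumed special-character set
ALPHABET = string.ascii_letters + string.digits + SPECIALS  # 62 + 28 = 90 symbols

def seed_to_hash(seed: str) -> bytes:
    """Hex mode per the guide: all-hex input of >= 40 hex chars is an already hashed Seed."""
    s = seed.strip()
    if len(s) >= 40 and len(s) % 2 == 0 and all(c in string.hexdigits for c in s):
        return bytes.fromhex(s)
    return hashlib.sha1(s.encode("utf-8")).digest()

def s2k(passphrase: bytes, salt: bytes, count: int, out_len: int) -> bytes:
    """RFC 4880 3.7.1.3: hash salt||passphrase repeated to `count` bytes; extra output
    comes from contexts preloaded with 1, 2, ... zero bytes."""
    block = salt + passphrase
    out, ctx = b"", 0
    while len(out) < out_len:
        h = hashlib.sha1(b"\x00" * ctx)
        h.update((block * (count // len(block) + 1))[:max(count, len(block))])
        out += h.digest()
        ctx += 1
    return out[:out_len]

def meets_1u1l2d1s(pw: str) -> bool:
    """Policy 1U1L2D1S: >=1 upper, >=1 lower, >=2 digits, >=1 special not first or last."""
    return (any(c.isupper() for c in pw) and any(c.islower() for c in pw)
            and sum(c.isdigit() for c in pw) >= 2 and any(c in SPECIALS for c in pw)
            and pw[0] not in SPECIALS and pw[-1] not in SPECIALS)

def derive_password(seed: str, passphrase: str, domain: str,
                    length: int = 10, count: int = 65536) -> str:
    """Seed hash + Target Domain form the public salt; the Master Passphrase is the only
    secret. The first policy-compliant window of the key stream is returned."""
    salt = seed_to_hash(seed) + domain.encode("utf-8")
    stream = s2k(passphrase.encode("utf-8"), salt, count, 4096)
    pw = ""
    for b in stream:
        if b >= 2 * len(ALPHABET):   # 180..255 rejected, so b % 90 is unbiased
            continue
        pw += ALPHABET[b % len(ALPHABET)]
        if len(pw) == length:
            if meets_1u1l2d1s(pw):
                return pw
            pw = ""
    raise ValueError("key stream exhausted without a policy-compliant password")
```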

Float over any Web page

It is easy to set up Calculated Passwords so that the applet is rendered over any Web page. This is a convenience feature that lets you remain on the page where you need to enter a sign-in password. You don't need to type any more characters to sign in with the applet than with a direct sign-in; the only difference is a few additional mouse clicks. Instead of typing your password directly into a Web site, you type your master password in the applet, then type or click to select the appropriate target domain (e.g. bofa to access the Bank of America account) if you want to change the pre-filled default, and use the mouse to move your generated password into the appropriate password field.

Please take a look at the recorded screen captures that demonstrate how easily this is done in the most popular browsers here.

Backup and record keeping

The public information that affects calculated passwords, the State, can be saved on iGoogle.com, in persistent browser storage or cookies on your computer, or bookmarked as a State Link. These storage media are outside the control of Calculated Passwords. For instance, if you clear all browser local storage and cookies, the persistent State of Calculated Passwords is lost, assuming it was stored locally. In this case you must rely on your memory to recall the target domain values.

Usually it is easy to remember the public parameters used with Calculated Passwords. When used in floating mode, the applet even pre-fills the target domain for you. However, this doesn't help when you used a variation of the target domain, e.g. bankofamerica01 instead of bankofamerica.

To avoid the loss of State and the inability to re-generate correct passwords, we recommend that you also store the State offline, in an alternative place such as your local Documents directory that you periodically back up. To do this, click the Show printable state checkbox in the Options tab. This creates a new State tab. On that tab you can use the Print button to print the current State. If you want to save a file, select your operating system's option to print into a file, or select the content of the State tab and copy it into a new file manually. Here is a sample result of invoking Print with PDF output in Firefox: sample State in PDF.

The easiest method to store the state is by bookmarking the Calculated Passwords State Link.

