Menu

Master Key Generation from Master Password

2013-02-05
2013-02-05
  • Ulrich Boche

    Ulrich Boche - 2013-02-05

    I'm sure this topic has been discussed before but I was unable to search the for it with a meaningful number of results.

    A series of articles in a recent issue of the German computer magazine c't about state-of-the-art password cracking tools and techniques has prompted me for this question: what is the method used to derive the master key for the psafe3 database from the master password?

    If an attacker gets a psafe3 database into his hands, the effort needed to crack the master password is highly dependent on the key derivation method. If a method such as PBKDF2 or bcrypt is used, the cracking process can be a million times or more slower than if only a simple hash algorithm such as SHA1 or SHA-512 is used.

    For me, this question is of particular interest since I'm not only using PasswordSafe on the PC but also the Pwsafe app on my iPad and I need to keep the psafe3 database in my Dropbox.

    Regards,
    Ulrich

     
  • Ulrich Boche

    Ulrich Boche - 2013-02-05

    Rony, thanks for the information. Very reassuring.

     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.