Password managers with an additional secret key

@glennf added a bit to my article about LastPass, noting that iCloud Keychain and 1Password both have an additional secret key (the device UID and 1Password’s secret key) that is entangled with the password to increase security significantly. Just discovering someone’s master password wouldn’t be enough to enable a brute force attack unless the attacker could also access the device or the secret key, neither of which are stored online.

So to my mind, that’s a really significant criterion that one should look for when evaluating a password manager—does it entangle the master password with some sort of additional secret key?

Which other password managers have such an architecture?


Is this what is referred to as the “salt”? If so, I’d be surprised if any password manager did not salt passwords prior to encryption. From my (limited) understanding, this is specifically intended to render “rainbow tables” useless as an aid to crackers.

If it’s from the device, how does that work when you use the same password on different devices? Wouldn’t my iPhone’s version of the master password then be different than the one on my Mac? Or is the saved hash stored per device so each has a unique hash?

Apple explains iCloud Keychain restoration here: Secure iCloud Keychain recovery - Apple Support

So, in simplistic terms, basically each device (Mac, iPad, iPhone) uses the passhrase to log in/unlock to encrypt a copy of the iCloud Keychain encryption keys. That’s why when you log in your Apple ID on a device that’s not logged in which uses iCloud Keychain syncing that the device asks for the passphrase from one of your devices randomly - that allows the device to join iCloud Keychain sync and get a copy of the Keychain locally. To Apple the iCloud Keychain remains a blob of randomness.


Just a clarification that for 1Password I believe that this only for subscription accounts that store data on 1p servers. If you still have standalone 1P 7 or older using sync with Dropbox, etc., and AgileKeychain, there is no added secret key.


When you install 1Password on another device, you have to give the secret key (which is not known to or recoverable by 1Password). So every device that you use to access your passwords, knows the secret key. I guess the same is true for the iCloud Keychain. I would venture that this is different from salting since a hardware device is involved.


Here is an overview of 1Password’s Secret Key:

For more details about the Secret Key, see their white paper.

I kinda think they’re overselling the importance of the Secret Key…in the end it’s just a second password that is needed in order to break into your vault…and they pooh-pooh (for instance) the password for say DropBox if that’s where you store your v7 or earlier vault because theirs is so much better…but in the long run it’s just used to increase the entropy in your encryption and hence the cracking time…and a long password with the full 95 character alphabet provides a very long cracking time anyway so doubling or whatever that very long time doesn’t mean much.

The main reason for the Secret Key…or the fingerprint phrase or whatever in other managers…is to protect against crappy master passwords by adding essentially another long password that forces the bad guys into either moving on to another target or resorting to brute force attack…and practically none of us are worth that kind of expense.

It is true that Amazon and others sell computer time pretty cheaply…but a quick look at Steve Gibson’s haystack size page shows that long pretty quickly gets you into 10s of thousands to millions of centuries and while Moore’s Law still applies and computers will always get faster…it would take many orders of magnitude of improvement in computer capability to make a difference in that very long time…and even when those orders of magnitude eventually happen I’ll be dead and gone, still won’t be worth the effort, likely those orders of magnitude won’t be easily/cheaply available for even longer after they’re invented, and one can always just choose an even longer password to change the master password to.

I’m not knocking the Secret Key at all…it’s a good idea but they’re overselling it as the be all and end all in security enhancement that only they have.

Nonetheless…I’m still using v7 and will continue to do so until it breaks…and then I’ll evaluate v8 once again to see if it adequately fixes the critical flaws that v8 currently has…otherwise I will just move on. I’ve had a relatively long email discussion with their support folks regarding testing of v8…and their minds are made up it seems to me…they’ve made decisions as a company that I can’t fault them in making because they do exist to make a profit…but some of their decisions are not in the best interests of their users but in the best interests of the company and it’s VC investors.