How do I use it?

One, two, enter.

Good security depends on ease of use.

With Master Password, logging into any website involves these steps:

  1. Unlock the Master Password app.
  2. Find your site and copy its key.
  3. Enter the site by pasting the key into its password field.

Most browsers will then ask you to "save" the site's password. If you're comfortable with that, it's a good way of skipping the above steps and logging in even faster next time.

Getting started.

As explained, Master Password is not a password manager or a vault. It is not made to hold your existing site passwords — that would violate the principles it stands for and break the advantages it offers over ordinary password managers.

As a result, the largest curve to adopting Master Password involves changing the passwords of all your existing accounts into the cryptographically secure keys generated by Master Password.


I want pictures.

All right. Here's Robert on his iPhone:

He wants to sign up for Twitter. Robert filled in all the fields, except for password. Not wanting to worry about what his Twitter secret is going to be, he switches to Master Password.

Of course, he begins by unlocking his user with his master password.
Robert can skip this step by going into Master Password's preferences and setting it to either save his master key or remember his login, but he choses not to.

He creates a password for Twitter by using its bare domain name: twitter.com.
He knows not to use mobile.twitter.com or Twitter or anything non-standard, because that would be very difficult to remember correctly on a later date. If he has multiple twitter accounts, he could prefix the name with a user name and an @: [email protected], [email protected].

If the website Robert's signing up for prohibits symbols for some daft reason, Robert can change the type to Basic or something similar instead. Robert can also bump up the complexity to get an even more secure password if he wants.

With the site added to Master Password, a password was created for it and copied to his pasteboard.
Now, Robert just switches back to Safari and pastes his brand-new password he doesn't care to remember in Twitter's password field. All done!

BTC(1GGCx62ypC1jiHuRYREZBUnUR6PiChqRmN) ● ETH(0x0e9a563950b4cabd1a5d60ce69056afca53cdc82)