↩ Back to Howto

How To Choose a Good Master Password

Saturday, Dec 30, 2017

Remembering passwords is hard. Thankfully there is Padlock to remember them all for you! Well, all except one - your master password. Your master password is the one and only key to unlock your vault. Without it, no one can access your data, not even us!

However, there is catch: Padlock uses strong, state-of-the-art encryption to protect everything you store in the app, but this protection is only as strong as your master password! If you choose a password that is too short or not random enough, an attacker may be able to unlock your data simply by guessing your password.

But how do you know if your password is secure enough? When you first enter your master password during the setup process, the app will show a small hint indicating the strength of you password. Possible results are weak, medium and strong. Obviously, the most desirable result here is “strong”, but you should at least go for “medium”. If you choose a password that Padlock considers “weak”, you will be presented with a warning but may proceed at your own risk.

Choosing A Master Password

The Longer The Better

Generally, when it comes to security the longer your password the better! Of course a longer password will be harder to remember and take longer to type so you will have to find a balance between security and convenience.

Mix It Up

In addition to length, another thing that will add to your passwords strength is variety. If your password is made up of random characters, make sure to use upper and lower chase letters, numbers and special characters. If you choose a series of words, consider mixing in made-up words or words from different languages.

Make It Random

Randomness is one of the most important characteristics of any good password. You should avoid patterns like “12345” or “abcd”. Words are ok as long as they are not obviously related to your person in any way. Coming up with something truly random by yourself is hard, so it’s a good idea to use some kind of tool to choose for you. Do not use any kind of software to generate your master password! Instead, you should use something physical like simple dice. More about this below.

Remember It

Because your master password is the only key to access your vault, and because we don’t keep a copy of it anywhere, it is very important that you don’t lose it. We recommend writing down your password on a piece of paper and keeping it somewhere safe. Do NOT keep a digital copy of your master password anywhere!

A Simple Way To Choose Your Password

There are many ways to choose a master password but one simple way to come up with a secure and easy-to-remember password is to pick a series of words out of the dictionary using physical dice. This method is called Diceware and is described in detail here.

Get The App