INSIGHTS CENTER
Generated Passwords
Why are AltoPass Generated Passwords more secure?
Two models of password management
There are two main approaches to managing passwords that rely on the user remembering only a single piece of information (Key Phrase or Master Password).
1. Stored passwords
2. AltoPass Generated passwords
AltoPass provides both options. You are in control of which approach to use. We do however, believe that Generated Passwords provide greater security level and we will explain why.
There are two main approaches to managing passwords that rely on the user remembering only a single piece of information (Key Phrase or Master Password).
1. Stored passwords
2. AltoPass Generated passwords
AltoPass provides both options. You are in control of which approach to use. We do however, believe that Generated Passwords provide greater security level and we will explain why.
Stored passwords
This is a standard "vault" model of all the mainstream password managers. User accounts including usernames, passwords and other fields are placed in a "vault". Think of this vault as a text file which is strongly encrypted with the key derived from your Key Phrase. These vaults are usually stored in the private or public cloud that allow users to restore their data when switching to a new device.
This is a standard "vault" model of all the mainstream password managers. User accounts including usernames, passwords and other fields are placed in a "vault". Think of this vault as a text file which is strongly encrypted with the key derived from your Key Phrase. These vaults are usually stored in the private or public cloud that allow users to restore their data when switching to a new device.
AltoPass Generated passwords
This method doesn't involve storing your password in the cloud or inside an encrypted vault. AltoPass Generated passwords are calculated right on your device. This calculation is deterministic, meaning that it produces the same result every time. There is no reason to keep your passwords in the cloud since we can always calculate them on your device in milliseconds.
AltoPass keeps some of your metadata in the cloud. For instance, we keep your usernames, service identifiers, custom fields, and random seeds (additional parameters of the password calculation on the device) for each account. However, the passwords themselves never travel from your device to our cloud. All these metadata parameters stored in the cloud are not enough for hackers to get access to your account.
This method doesn't involve storing your password in the cloud or inside an encrypted vault. AltoPass Generated passwords are calculated right on your device. This calculation is deterministic, meaning that it produces the same result every time. There is no reason to keep your passwords in the cloud since we can always calculate them on your device in milliseconds.
AltoPass keeps some of your metadata in the cloud. For instance, we keep your usernames, service identifiers, custom fields, and random seeds (additional parameters of the password calculation on the device) for each account. However, the passwords themselves never travel from your device to our cloud. All these metadata parameters stored in the cloud are not enough for hackers to get access to your account.
Why are the generated passwords more secure?
Even though the vaults are usually encrypted with solid strong encryption algorithms, they still result in all your passwords being preserved in the cloud with the potential to be accessed by hackers in case of a cloud breach.
If something is stored in the cloud, it can be broken into. We believe that the only way to avoid being compromised is to avoid cloud storage.
In other words, you cannot lose what is not stored in the cloud.
Even though the vaults are usually encrypted with solid strong encryption algorithms, they still result in all your passwords being preserved in the cloud with the potential to be accessed by hackers in case of a cloud breach.
If something is stored in the cloud, it can be broken into. We believe that the only way to avoid being compromised is to avoid cloud storage.
In other words, you cannot lose what is not stored in the cloud.
Start to keep your passwords securely today. It's free
Create your AltoPass account along with 100 000 users
© 2022 AltoPass, Inc.
DOWNLOAD
INSIGHTS CENTER
COMPANY
- support@altopass.io
- Privacy Policy
- 405 El Camino Real, Suite 629, Menlo Park, CA 9402
Do you have any questions? Contact us!
I agree the Terms of Service