Encryption Specification
All user and Generator data, such as domains, password generation rules, user names, notes, 2FA TOTP keys, etc., is encrypted. Encryption keys are never transmitted and all data encryption is performed on the device, using the following consistent implementation:
- Data is encrypted with 256-bit AES in CBC mode
- A unique, random, 1024-bit device-specific key (generated on first run or app reset and stored in OS-provided secure storage) is used for all encrypted data on the device
- For sync and backup (where data may be moved off the device by the user), a user-provided encryption key is used
- All encryption keys are further salted with a 256-bit cryptographically random value
- Encryption keys are passed through 1,000,000 PBKDF2 iterations for protection against brute-force attacks
- Data is encrypted at rest and decrypted on demand only while the app is running in the foreground or syncing
Some sync providers require the storage of authentication keys or credentials. Passify stores these data elements securely as well:
- Stored in OS-maintained secure storage
- Encryption is performed as specified above with the exception that 300,000 PBKDF2 iterations are used (to reduce delay on slower devices due to frequent access).
- Decrypted only during sync process
Other, general application settings (defaults, feature toggles, theme color, etc.) are not encrypted and are stored in OS-managed application settings storage.
Sync and Backup Encryption
Because each device uses its own, unique and unknown encryption key, data cannot be shared directly with other devices. For that reason, Passify must re-encrypt the data with a separate encryption key that you provide in order to perform a backup or sync between devices.
- For syncing, the encryption key is provided by you when you configure your sync provider and is itself encrypted and securely stored with the Sync Provider Credentials/Settings.
- When backing up, encryption keys are provided by you at the time of backup and are not stored.
- Data is always encrypted on the device and never exists in a decrypted state.
- Passify automatically encrypts your data with your user-provided key on the device and before uploading to your sync provider.
- Passify re-encrypts the data with its own device-specific encryption key automatically.