Increased PBKDF2 iterations means increase in unlock time

geoff2

Hello --

I recently changed my master password to make it more secure, following the blog post on hashcat, and I've noticed that it now takes 1Password (on the Mac, iPhone and iPad) much longer to verify my master password than it did before. (I've been using 1Password for several years at least, and hadn't changed my master password until now.) I'm curious what exactly this represents, because I assume it's related to the increased number of PBKDF2 used in more recent versions of 1Password, and that my password file hadn't received this encryption upgrade because I hadn't changed my master password. Is this accurate? Thanks.

• geoff

geoff2

Oh, well, I just read the blog post more closely, and also noted the update on the bottom, and that is precisely what happened. Sigh. Thanks! I guess this is useful in that it shows that the change is noticeable, at least from a user experience perspective.

khad

It sounds like you answered your own question, but please do let us know if there is anything we can clarify, @geoff2. :)

We are always here to help!

zexpe

Could 1Password for iOS be optimised to make use of the iPhone 5s ARM64 chip's specialized instructions for AES encryption and SHA-1 and SHA-256 cryptographic hashes? Would this speed-up the unlock time for a higher number of PBKDF2 iterations?

As mentioned here: http://www.mikeash.com/pyblog/friday-qa-2013-09-27-arm64-and-you.html

khad

I'll have to leave that to the rest of the team, but I'm sure they are implementing any safe and secure optimizations applicable to 1Password. :)