26th International Conference on Intelligent User Interfaces - Companion
Passwords are the most common user authentication methods. Password policies regulate passwords to a certain degree of complexity, which also makes it difficult for users to create and remember passwords. Password managers improve both security and usability by allowing users to memorize only one master password. However, authenticating to the password manager with the master password has the risk of exposing all passwords when the security of the password manager is breached. We present a password manager, MonoPass, that leverages a master password to regenerate consistent passwords across a variety of devices and passes password metadata through a central server. MonoPass enables users to synchronize passwords without storing user data on the server and without using authentication with the master password.