← ALL POSTS

Password vs. mnemonic based login

08 November 2020 • Alex Harley
board light
board dark

When signing up to Portabella there are two ways to register an account, with an email and password combination or an email and mnemonic combination. In this post I hope to shine a little light on why we offer those two options and what the difference between them is.

Portabella is an end-to-end encrypted project management platform, that means any data is encrypted in your browser before being saved in our servers. We never never see your core data in plaintext, and we never see the key used to encrypt that data. This presents a bunch of technical problems - that we're certainly up to tackling - but is why few businesses offer end-to-end encrypted solutions.

What is a private key?

Before we dive into the specifics of generating a private key (or secret key), it helps to understand what it is. Your private key essentially identifies you and allows you to perform authenticated operations. Anyone that gets access to your private key will be able to impersonate you (read and write data), so it’s something that you and only you should ever have access to. If anyone gets access to your private key it’s essentially (with a few caveats) game over.

From your private key you can derive what’s called a public key, this is a public identifier that maps to your private key. Don’t worry, there’s no way to figure out your private key from your public key, only the opposite is possible.

Swapping encrypted data with someone

When two users each have a private key, they can swap data between themselves without anyone being able to read the data. This is done via public key cryptography, to provide a simple example we can imagine two users, Alice and Bob. They each have each others public keys, to swap data Alice simply encrypts a message to Bob’s public key, only Bob with his private key is able to decrypt that data.

Providing signatures associated with that data

The next big deal when it comes to public key cryptography is providing a signature associated with some data. When Bob receives data from Alice, he knows only that a message has been encrypted to him, but nothing about where it came from. Here’s where signatures come in, Alice is able to provide with the encrypted data a signature over that data showing only her private key could have generated it. Because Bob has fetched Alice’s public key from a trusted source, he’s able to verify the message did in fact come from her.

How do you generate a private key?

Now that we understand what we can do with private keys, the question arises, how do we get one? To create a private key you need to provide some high entropy input to a key derivation function. In more concrete terms that means providing the most random input you can imagine (think what the output of randomly smashing your keyboard for an hour would be, and then times it by 1000) and then feeding it into this function.

Obviously this begs the question, how do I deterministically generate my private key (how do I generate the same private key everytime)? No one could ever remember the output of smashing their keyboard for an hour, so the cryptography community has settled on mnemonics, or seed phrases to help with this.

What is a mnemonic?

safe giraffe seven dizzy vacuum undo also cycle fall party steel soup

A mnemonic is a collection of words that can be used to derive a private key. Above is an example of a 12 word mnemonic, representing (roughly) 128 bits of security. This can be fed into a function which combines these words together and gives you the seed material, which you can then pass into a key derivation function.

You may already be familiar with these terms if you’re interested in cryptocurrency, often when you generate a wallet you’ll be prompted to confirm that you’ve written down the generated seed phrase. A collection of 12 to 24 words is easier and less error prone to write down than a long and random private key. Portabella supports BIP32 key derivation and BIP39 seed phrase generation.

How does Portabella derive your key?

So now we’ve covered all that, how does this relate to Portabella? You’ll remember that we offer two ways of signing up, one with a mnemonic and one with a password.

Mnemonic based

If you provide a mnemonic it’s easy, we simply take that seed phrase and feed it into a function that gives us a private key. We use the trusted ethereum-cryptography JavaScript module which has been independently audited by Trail of Bits.

A new and random seed phrase is generated every time you visit the registration page in Portabella, however we also support bringing your own mnemonic in case you're wanting more entropy than the browser provides.

Password based

When using a password it’s a little bit more tricky, we have to take your email and password and stretch those out to build the key material. We use the popular pbkdf2 library for this. Here the most you can do is provide a long, generated password that you hopefully managed with a password manager. This is obviously not as secure as using the mnemonic based login method, so we recommend that when possible.

When you login to Portabella (with either method mentioned above) your asymmetric key pair is derived from the material provided. For convenience we offer the option to encrypt and store your key material in local storage, this means you don’t need to enter all your information each time you login. We recommend logging out of Portabella when you’re done to ensure that if anyone gets access to your computer they’re not able to steal your private key.

Conclusion

Hopefully that answers any questions you had around Portabella and key management. Be sure to checkout our how Portabella works post for more information on the technical side of things. Feel free to reach out to us on Twitter with any questions you may have, until next time!

Ready to give privacy a go?

Start your free trial today.
logo

Portabella

Funded and developed by @alex_b_h_ in Berlin, Germany
Interested in staying up to date with the latest developments and blog posts? Sign up to our mailing list