- What’s your ENow AppGov Score? Free Microsoft Entra ID app security assessment - Thu, Nov 30 2023
- Docker logs tail: Troubleshoot Docker containers with real-time logging - Wed, Sep 13 2023
- dsregcmd: Troubleshoot and manage Azure Active Directory (Microsoft Entra ID) joined devices - Thu, Aug 31 2023
Spectre a password manager developed by Maarten Billemont. It started under the name Master Password but has now been rewritten with modernized software and reborn as Spectre. It is designed to help users create strong, unique passwords for each account.
The difference with Spectre is it works off the principle of statelessness. Wher most password managers store all passwords and attempt to protect them, Spectre does not save the password, meaning there is nothing to protect. So, if no password is saved, how does it work?
How does Spectre work?
Users who sign up for a new account enter their master password. Spectre then generates a unique password for each website based on the master password.
The tool uses the following information to generate each site's password:
- Your full name
- Spectre secret
- Site Domain
It uses cryptographic information to regenerate the same password each time you pull up the site, meaning that the password is never stored or synchronized to a cloud environment. Hence, it cannot be hacked or stolen by a third party.
Spectre uses several different hashing algorithms to generate passwords, which makes it more difficult for attackers to crack them. In addition, it adds salting as an additional layer of security to each password. The app is designed to be used offline and does not share data with any third-party services.
Spectre can also obscure your login names by cryptographically generating them.
Changing the master password
It is obvious that Spectre will generate different passwords for all websites after changing the master password. So, if for some reason your secret has been compromised and needs to be replaced, then it is necessary to renew the password on all websites managed with this app. This is not the case with traditional password managers
And it goes without saying that you better don't forget the master password.
Currently, the rewritten Spectre app is only available for iOS, with other platforms coming soon. Several users in the App Store criticize the usability of the redesigned interface compared to the predecessor app Master Password.
You can clone down the source code and build the app before it is officially available.
Other platforms for Spectre coming soon
You can try Spectre on the app's homepage.
Once you log in to the app with your Spectre secret, your site passwords are cryptographically recomposed as the same password on any device, whether a new device, a friend's device, etc.
Another feature of Spectre that makes it easy to use is its ability to generate offline passwords. This means that users can create passwords even when they are not connected to the internet.
Spectre does include a way to share your site passwords with friends if you have specific secrets you want to share with others.
Spectre is licensed as open source and therefore freely available. However, this only applies to the basic product for generating passwords. The premium version, on the other hand, requires a subscription, which costs 4.49 USD per month or 44.99 USD per year.
The developer does not provide any exact information on his website about the advanced features included in the Premium Edition. Among other things, these provide for integration features with various web browsers like autofill, whereas you have to transfer the passwords via copy & paste in the basic version.
Spectre provides a unique password manager solution, unlike any other solution. Its concept of statelessness is undoubtedly appealing, with the threat of password manager breaches and cloud data leaks a looming possibility.
Subscribe to 4sysops newsletter!
Additionally, the app's focus on user privacy and its open-source nature makes it a trustworthy option for those who want to secure their online accounts.