Master Passwords in EmpowerID

Owned by Phillip Hanegan
Nov 20, 2024
4 min read

The master password system in EmpowerID is fundamental for securing credentials and secrets. This article explains the key functions of the master password system, including how users generate key pairs, encrypt and decrypt sensitive data, and manage access to encrypted information.

Note: The master password cannot be the same as the user's EmpowerID login password. This separation enhances security by ensuring that if one password is compromised, the other remains secure.

Key Functions of the Master Password System

The master password system operates through three key functions, each playing a critical role in ensuring data security and controlled access. Below, we describe each function and its role in protecting sensitive data within EmpowerID.

Initial Setup

The initial setup is the foundation of the master password system, creating the necessary security keys:

  • User Creates a Master Password:

    • When users first interact with EmpowerID's secure features, such as Privileged Access Management (PAM), they are prompted to create a master password.

    • This master password is unique to the user and serves as the core secret that helps protect their private key.

Important Warning: If users forget their master password, they have the option to create a new one, which will generate a new key pair. However, any data previously encrypted with the original key pair cannot be recovered.

  • Generation of Key Pair:

    • Once the master password is created, the system generates a public and private key pair. This key pair is cryptographically linked to the user.

    • The public key is used for encrypting data, while the private key is used for decrypting the data when access is needed.

  • Protection of Private Key:

    • The private key is always encrypted with the master password to ensure it remains secure. The user must provide their master password to unlock the private key whenever they need to decrypt data.

Data Protection

After the initial setup, the system secures data through encryption:

  • Encryption with Public Key:

    • The public key is used to encrypt sensitive data such as passwords, secrets, and credentials.

    • Encryption ensures that the data is protected from unauthorized access from the very beginning, allowing it to be safely stored.

  • Secure Storage:

    • The encrypted data is securely stored in the EmpowerID system. Even if someone gains access to the database, they cannot decrypt the data without the corresponding private key.

  • One-Way Encryption:

    • The public key can only encrypt data; it cannot decrypt it. Only the private key can perform decryption, and it can only be accessed by providing the correct master password.

Data Access

Data access involves the decryption of stored data and is secured by multiple factors:

  • Unlocking the Private Key:

    • To decrypt data, the user must provide their master password. This password unlocks the private key, which is needed to access encrypted data.

  • Decryption of Data:

    • Once the private key is unlocked, it can be used to decrypt data that was previously encrypted with the public key. This ensures that only authorized users with the master password can access the decrypted, readable version of the data.

  • Access Control:

    • The combination of the master password and the private key ensures that encrypted data remains inaccessible without explicit user authorization. This strict control mechanism means that even privileged administrators cannot access user data without the master password.

To help illustrate these key functions, the following diagram shows the flow of master passwords and encryption keys in EmpowerID:

image-20241120-210533.png

The diagram above illustrates the key relationships and dependencies within the master password system:

  • The master password is required to create the key pair.

  • The public key encrypts the sensitive data, which is stored as encrypted data.

  • To access and decrypt data, the private key must be unlocked using the master password.

  • This flow highlights the critical role of the master password in both setting up and accessing encrypted data, ensuring that only authorized users can decrypt and use the sensitive information.

User Functionality

The master password is crucial for protecting access to the user's private key, which is used to interact securely with sensitive data. Users rely on the master password system to perform the following actions:

View and Create Passwords (H3)

  • Encryption During Creation:

    • When users create new passwords or secrets, their public key encrypts this data before it is stored, ensuring that no one can access the plaintext data without the corresponding private key.

  • Decryption During Retrieval:

    • To view an existing password, users must provide their master password, which unlocks their private key. The private key is then used to decrypt the password for viewing.

  • Security Assurance:

    • This ensures that only users who possess both their master password and private key can view the plaintext versions of their passwords, creating an extra layer of protection against unauthorized access.

Manage Secrets (H3)

  • Secure Storage of Secrets:

    • Secret information, such as API keys or other confidential data, is encrypted with the user's public key before being stored.

  • Restricted Access:

    • Accessing or modifying secrets requires the master password to unlock the private key. Without the correct master password, these secrets remain protected, even if someone gains access to the underlying encrypted data.

  • Data Protection:

    • The dual-key encryption process ensures that sensitive information remains protected, even if the storage location is compromised. Unauthorized individuals cannot decrypt data without both the private key and the master password.

Check Out Credentials (H3)

  • Credential Encryption:

    • When users check out credentials, such as privileged account credentials, they are encrypted using the user's public key.

  • Secure Checkout Process:

    • Users must provide their master password to unlock their private key before decrypting and accessing the checked-out credentials. This ensures that credentials are only available to authorized users.

  • Authorization Enforcement:

    • Even administrators without the user's master password cannot access these credentials, maintaining the principle of least privilege and ensuring the user's privacy and data security.