SynthPass released

Chances are you, like me, have a collection of logins, each with their separate requirements for password strength and lifetime, user ID, and so forth, and your memory has already reached the saturation point. Since writing them on a piece of paper is a no-no, you may have resorted to a password manager. There are many good ones, even free ones, but you still wonder if things could be a little easier. If you are thinking this, SynthPass is for you. It does not work like the other password managers, which store your logins more or less securely, but rather gets around the whole problem by not storing your passwords.

Intrigued? Read on…

With SynthPass, there is no “vault” that has to be protected from hackers because your passwords are synthesized on the fly, just as you need them. SynthPass-made passwords are always high strength and comprise letters, numbers, and special characters. Passwords for different websites are guaranteed to be totally different.

You never have to change your Master Password. When a website forces you to change its password, simply change the optional serial that is used to synthesize that password. SynthPass will remember the serial, as well as your user ID. Your Master Password will never be stored, and it disappears from memory after five minutes not using it.

Unlike conventional password managers, SynthPass
– won’t pop up and interrupt your flow; it is activated only when you click its icon on the browser toolbar
– won’t store anything secret, only user IDs and optional serials, if you allow it
– is always available, because it does not have to connect to “the Cloud”
– makes only strong passwords
– won’t ask you for money
– won’t show ads

SynthPass is based on the WiseHash key-stretching algorithm, which evaluates the information entropy of your Master Password and subjects it to a variable number of rounds of SCRYPT key-stretching. The weaker the password, the more stretching. This forces would-be hackers to spend an inordinate amount of computer time testing weak passwords before they can get to yours. SynthPass displays an accurate measurement of your Master Password’s entropy to help you come up with a strong one. This is the same algorithm stretching the user password in PassLok Privacy and PassLok for Email.

This is a browser extension, and therefore is poorly supported on mobile devices. There is, however, a web app that includes the same password-making engine and runs well on mobile devices. It can be found at:

And now, a few more links. First the download links for the extensions for Chrome and Firefox:



Then, of course, the info page:

Finally, the GitHub repo, where you can contribute to the code or report bugs:

Enjoy SynthPass !

4 thoughts to “SynthPass released”

      1. Hey, I replied to your same comment on Reddit. I read the article, and it doesn’t actually demonstrate any fatal flaws in SynthPass, which has mechanisms in place to address all its concerns.

        I stand corrected regarding the history of password synthesizers, though, so thanks.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.