Password encryption in Yandex Browser

Users rarely save passwords in the browser, for fear that they can be stolen by hackers or seen by someone else who is at the computer. The Yandex Browser encryption scheme protects user passwords from both of these risks. The password manager architecture developed in the browser follows Kerchhoff's principle. The encryption remains secure even if the attackers know everything about the encryption algorithms used, except for the key values.

Attention. Security experts are welcome to help us find vulnerabilities in the new password manager as part of the Bug Bounty program. With your help, the password manager will be even safer.

Which data is encrypted

Types of threats prevented by the password manager

Encryption with a master password

Encryption without a master password

Write to Support