Which data is encrypted

Password storage in the browser is organized as a database in which each entry contains data for authentication on a particular site. An entry contains:

  • The public part. This is where unencrypted information is stored, including the site address, username, structure and names of fields in the login form, and statistics (for example, the date of password creation or the date when last synced). This means that the browser doesn't need to decrypt the entire password database each time the user wants to log in on a site. The unencrypted data is sufficient for the browser to determine whether logins from this site are saved in the database and show them to the user.
  • The private part. The password and note are stored in encrypted format. The user's note might contain information that can be used for cracking the password, such as the answer to a security question. Passwords are encrypted using the AES-256-GCM algorithm.
Note. If all the fields in the password database were encrypted, the browser would have to decrypt the entire database every time a password was entered. This is the only way for the browser to check whether the database contains passwords from a particular site. Decrypting all the passwords when only one is needed would compromise security, because a hacker could access the user's passwords for different sites while the user is logging in to one site.

When using encryption with a master password, both the private parts of records and the encryption keys are encrypted:

  1. The password encryption key is stored in the password database and encrypted using the asymmetric RSA-OAEP algorithm. Access to the encryption key is locked with the private key.
  2. The private key is encrypted and stored in the password database. Access to the private key is locked with the master password, which has been hashed. The master password is memorized by the user and is not stored anywhere.
  3. The recovery encryption key, which is used for resetting the master password if the user forgets it, is encrypted and stored on the user's device. Access to the recovery encryption key is locked with a key that is stored in the user's account on Yandex.
Example of an entry from the password store
{
  "origin_url" : "https://yandex.ru/",
  "action_url" : "https://passport.yandex.ru/passport",
  "username_element" : "login",
  "username_value" : "user",
  "password_element" : "passwd",
  "password_value" : "{\"c\":\"uZ4qPrUuX8HOab3z1v1Z2tohvRvxAnjqxhszAn3fkmkb9Ac=\",\"e\":\"81f4c75d46018a7eaff00de3e0cf335006d2e5bfc68f3fc4aacc570ece1608ab\",\"p\":\"a+6yHy4TLHjPcVsXud0BkiBTIVLqIShEibd3YNEp\/xhGbxw8oQ==\"}",
  "date_created" : "13155032706798802"
}