Optional Login
generation hashes
symbols length
legacy mode
Your Password
base hash (9-bit)

One Shall Pass

One Shall Pass is a browser-side service for calculating strong, site-specific passwords. It is open source. In contrast to other password services, 1SP does not save your passwords or universal passphrase anywhere.

This page is self-contained, with only inline JS and CSS, and no images. So you can conveniently save it or use it offline. You can also watch your network monitor to witness it makes no remote calls beyond the initial page load.

There is one (optional) networked feature: if you're afraid you'll forget what you called a host (e.g., "gmail" or "google" or "") or your features for a host (how long you want the password to be, etc.), you may login to This will push and pull your encrypted hostnames and settings to and from It will not sync your universal passphrase, so cannot access your passwords. Nor can read your settings or hostnames. So do not lose your passphrase, since it's not recoverable.


How does it work?

In JavaScript, 1SP hashes a structure including your email address your universal passphrase (which you choose and mustn't forget), then hashes the results with a host (such as ""), and your settings for that host. If you enter the same inputs on another computer, 1SP will yield the same password.

Which crypto algorithms do you use?

For "hashing", PBKDF2, HMAC, and SHA-512. For "encypting", AES-256-CBC, plus the same three as above for key derivation and MAC'ing. See Technical FAQ for more details.

What if I lose my universal passphrase?

There is no recovery. Of course, the individual sites you use with 1SP probably have password reset features.

Who are you guys and why should I trust you?

1SP was written by Max Krohn and Chris Coyne, two of the co-founders of OkCupid. Max has a PhD in Computer Systems and Security from MIT. But don't take our word for it, please audit our code and let us know if we've messed up.

What do the settings options mean?

generation is the version number for a host password. If you feel your password for a certain site has been compromised, or the site notifies you that their database has been hacked, just move to the next generation number.

symbols controls how many non-alphanumerics go into your password. Some sites don't allow them, and a few sites demand them.

hashes controls how many SHA-512 hashes are performed on your universal passphrase and email address before hashing the results with a host-specific setting. This is a defense against an attacker who has compromised the database of a site you use, and wants to work backwards using your email address to guess your universal passphrase. The default setting makes it prohibitively expensive, assuming your universal passphrase is decent.

length determines the number of characters in your host passwords. Some sites have weird rules.

How does the hashing not lock the page?

The JS on this page was programmed in IcedCoffeeScript which makes async programming a lot easier. All the hashing steps defer occasionally. This would be annoying to write in native JS, but ICS takes care of the details.

How should I pick a passphrase?

We recommend a sequence of 4 to 6 random words, that have no grammatical connection to each other. This will give you between 50 and 80 bits of entropy, depending on the size of your dictionary and the number of words in your passphrase. Human beings tend to be bad at stringing together random unrelated words, so we made a little Web page that does a decent job of it to help you out.

Where can I learn more about implementation and technical details?

Please see our GitHub-based Technical FAQ

Where is the old 1SP?

The old version of OneShallPass is still available in its original form or with "Legacy mode" set to "on" in the new version. The key-derivation feature changed between the two versions in a way that wasn't backwards compatible. But the new system is strictly better: it (1) adheres to well-known RFCs; (2) means less hashing for honest users; and (3) just as much hashing for would-be password crackers.

How can I back up my server-side data?

Click here to load your server-side data and then decrypt it in your browser. The result is dumped as JSON into a text area.