Change Your Master Password

You can change your master password at any time. When you do, Bittery re-encrypts your vault keys with the new derived key — your actual vault data doesn't need to be re-encrypted.

Before you start

Warning

Make sure you have your Secret Key available. You'll need your current password and Secret Key to authorize the change.

How to change your password

Open Settings

In the Bittery web app or desktop app, navigate to Settings → Security.

Click 'Change Password'

You'll be prompted to enter your current master password.

Enter your new password

Choose a strong, unique password. We recommend at least 14 characters with a mix of letters, numbers, and symbols.

Confirm the change

Bittery will derive new encryption keys from your new password and re-encrypt your vault keys. This happens entirely on your device.

What happens behind the scenes

  1. A new Master Unlock Key is derived from your new password + Secret Key + email
  2. All vault keys are decrypted with the old key and re-encrypted with the new key
  3. Your RSA private key is re-encrypted with the new Master Unlock Key
  4. New SRP credentials are generated and sent to the server
  5. All other active sessions are terminated for security

Note

Your actual vault data (passwords, notes, etc.) is not re-encrypted — only the vault keys that protect it. This makes password changes fast regardless of how many items you have.

After changing your password

  • Sign in again on all your devices with the new password
  • Update your master password reference wherever you've stored it
  • Your Secret Key does not change when you change your password
PreviousEncryption Overview
NextManage Your Devices