ppm — GitHub

Pascal Password Manager

A password manager I built and used between 2016 and 2018. All cryptography runs locally in your browser — nothing is transmitted or stored.

Python and Android implementations are also available.

Generate password

Credits for Scrypt implementation: dchest/scrypt-async-js

Because there are no third-party dependencies or remote services, the trust surface stays minimal. The same strong password is deterministically derived each time from your master password and a per-site keyword (e.g. blue-sky or orange-tiger).

Under the chosen scrypt parameters, a brute-force attack would take roughly 10¹⁹ years on a million MacBook Pros to reach the expected halfway point of the keyspace. (I wrote that estimate about 10 years ago.)

Revisiting the estimate in 2026

Hardware has moved on, so it's worth redoing the math. The parameters here are logN = 15, r = 8, p = 1, which means each scrypt evaluation touches 128 · r · 2^N = 128 · 8 · 32768 ≈ 32 MB of memory and performs on the order of 4 · r · 2^N ≈ 1.05 · 10⁶ Salsa20/8 core operations. Because scrypt is memory-hard, throughput is bounded by RAM bandwidth as much as by raw CPU.

2016 baseline. A mid-range MacBook Pro of that era (Intel Core i7, 4 cores, ~25 GB/s memory bandwidth) ran a single evaluation in roughly 300–400 ms, giving about 10 evaluations/second when fully parallelised across cores. A million such machines therefore deliver around 10⁷ evaluations/second, or ~3 · 10¹⁴ per year.

Halfway-point assumption. The original figure assumed a master-password keyspace of roughly 2¹¹⁰ ≈ 1.3 · 10³³ candidates, with brute force expected to find it after searching half: 6.5 · 10³² evaluations. Dividing that by 3 · 10¹⁴ evaluations/year gives ~2 · 10¹⁸ years — within an order of magnitude of the 10¹⁹ figure (the original was a back-of-envelope upper bound).

2026 hardware. A current MacBook Pro (Apple M-series, 10–14 performance cores, ~400 GB/s unified memory bandwidth) completes a single evaluation in roughly 15–25 ms per core. Multi-core throughput lands around 500 evaluations/second per machine — call it a ~50× speed-up over the 2016 baseline, dominated by the jump in memory bandwidth rather than clock speed.

Updated estimate. A million 2026 MacBook Pros deliver 5 · 10⁸ evaluations/second, or ~1.6 · 10¹⁶ per year. Searching half the keyspace then takes 6.5 · 10³² / 1.6 · 10¹⁶ ≈ 4 · 10¹⁶ years — still about three million times the age of the universe.

In other words: ten years of hardware progress shaved roughly two orders of magnitude off the number, and the answer is still "not in any human time frame." The memory-hardness of scrypt is doing its job — speed-ups track memory bandwidth, which scales far more slowly than transistor counts.