How zero-knowledge protects your passwords
Trusting your sensitive information to online tools and service providers is a difficult decision to make. Not all digital products are created to safely store and manage your personal or team information so it is hard to separate secure tools from those who might experience data breaches, especially when most of us are not tech people. If you want to protect your sensitive information, you should choose services or tools built with zero-knowledge encryption.
What is it exactly?
Technically speaking, zero-knowledge password proof or zero-knowledge protocol is a method in cryptography where one party (the prover) can prove to the other party (the verifier) that he knows the secret information without revealing it.
In other words, it means that only you have access to your secret information, in this case passwords, and no one else is capable of reaching it, even service providers. How is that possible, you may ask?
Well, zero-knowledge encryption is an exceptional solution that makes your files encrypted safely and only you have the key (your master password) to decrypt those files. This means that if a governmental institution would ask a service provider to reveal all the stored data, all they would get would be encrypted files. This is because encryption and decryption happens only on the user side.
The most popular explanation
Zero-knowledge is not easy to explain, so here is a popular and simple example of how it works in a real life situation:
Imagine that you have two balls — one green and one red, but your friend is color-blind and he cannot tell the difference. To prove to him that the balls are different you start playing a game — your color-blind friend hides the balls behind his back and reveals one of them. You have to remember the color and keep playing this game by telling him whether or not he switched the balls and showed you a different one. You keep playing this game many times and by continually telling your friend whether he switched the balls or not, you prove to him that they are in fact different colors. But your friend still doesn’t know which ball has which color.
So this example explains how zero-knowledge works. You can prove that you have a key to your data by never exposing that key. It is important to understand that if you forget or lose your key (master password) — your data is lost too as it is not possible to access any of it without a key.
Trust no one, but the best cyber security solutions
It’s true that not all password managers are built on zero-knowledge encryption. They might be using other cybersecurity algorithms, however, this means that they will store your data somewhere else.
Zero-knowledge based solutions do not have an extra copy of your passwords and that is another reason to trust tools built on this cyber security solution. Everything that happens on a password manager with zero-knowledge encryption is safe. It means that storing, managing and sharing passwords is completely safe.
So if you’re on a password manager which has no proof of zero-knowledge, consider searching for better and safer solutions as there is no need for any service provider to store your sensitive data and make you vulnerable to cyber attacks.
Written by Danielė Bičiusė, a communication manager at Adeo Web.
All images © Robertas Zigmantavičius