HomeBlogMaster Key Security Upgrade

Master Key Security Upgrade

Locker blog reading time 2 minutes read
Locker Avatar

luongnh

June 2 2026
Copy
Reading Time: 2 minutes

Security isn’t static – and neither are we. Today, Locker is introducing an important upgrade to how your vault is protected at its core: the master key derivation function. This update gives you a stronger default key derivation and helps you better defend against modern password-cracking techniques.

What’s Changing?

Until now, Locker has used PBKDF2 with 100,000 iterations as the encryption standard. With this update, you now have two new options:

  • Increase PBKDF2 iterations: Upgrade from 100,000 → 600,000 (default) or higher iterations, aligning with current industry recommendations.
  • Switch to Argon2id: A modern, memory-hard algorithm designed to resist GPU and hardware-based attacks more effectively.

These options are available directly in your security settings, so you can choose the level of protection that fits your needs.

PBKDF2 vs Argon2id: What’s the Difference?

Here’s a practical comparison to help you decide:

🔹 PBKDF2 (Password-Based Key Derivation Function 2):

  • Security: Provides strong protection by slowing down password-guessing attacks
  • Performance: Lightweight and efficient, works well on most devices
  • Best for: Older devices and devices with limited processing power

🔹 Argon2id:

  • Security: Offers stronger protection by requiring both processing power and memory, making attacks much more expensive and difficult
  • Performance: Use more resources (using both CPU and memory), which may increase unlock time
  • Best for: Users prioritizing maximum security, especially against modern attack methods

👉 In short:

  • PBKDF2 (600k) = Safer upgrade with minimal impact
  • Argon2id = strongest protection, with a small performance trade-off

Important: Before You Update

Before making any changes to your key derivation settings, we strongly recommend exporting your vault data as a backup. While the upgrade process is designed to be safe, changing key derivation parameters affects how your vault is encrypted and decrypted. Having a backup ensures you can recover your data in the unlikely event of an issue.

Why This Matters

Password cracking capabilities continue to evolve. Strengthening your master key derivation is one of the most effective ways to ensure that – even if your encrypted vault is exposed – your data remains secure.
This update reflects our ongoing commitment to giving you transparent, user-controlled security that keeps pace with modern threats.

Latest news

Locker blog

Interviews, tips, guides, industry best practices, and news.

Sign up for our newsletter

Be the first to know about releases and industry news and insights.

We care about your data in our Privacy Policy.