Skip to content
Partial passwords implemented using threshold secret sharing.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


A basic Scala implementation of partial passwords relying on ideas from this threshold secret sharing expired draft proposal. TSS is a refinement of Shamir's secret sharing algorithm which works by considering the secret and shares on the level of individual bytes. It has some restrictions on secret size and share counts which are unlikely to matter in practical applications. The IETF draft may be helpful when deciphering some of the more idiosyncratic names in the code.

Note that while this method allows partial passwords to be used securely without unreasonable space requirements, any security system using it will still be as vulnerable to mitm, phishing or social engineering as simpler methods. Know your threat model! In particular, don't bother with this if you are likely to be subject to recording attacks. See "Give me Letters 2, 3 and 6! ": Partial Password Implementation & Attacks, David Aspinall and Mike Just. Also read this and be warned.

I wrote this as an exercise in ScalaCheck and because last time I looked I couldn't find any implementation of partial passwords in Java or Scala.

See also this somewhat neater and more comprehensive python implementation of TSS.

You can’t perform that action at this time.