Blockchain Blog

Quick Bit: Boost your password security in one easy step

Welcome to our Quick Bit series, where we provide you quick and easy tips that explain one specific feature of our products or services.

In this Quick Bit, we will discuss how to maximize your security using the Blockchain Wallet.

We’ve previously talked about making your Blockchain Wallet more secure.

Wallet security is so important for anyone new to Bitcoin to learn about, because enabling these settings will mean that you can feel confident knowing you are taking all preventative measures to protect your funds from theft.

Today, let’s talk about PBKDF2 Iterations.

PBKDF2 is short for Password-Based Key Derivation Function 2. PBKDF2 is a function which stretches your password, increasing the effort required to brute force it. A higher number of iterations is better however you may notice a slowdown of your browser. By stretching your password, you are making it stronger and harder to break into.

Here is a more technical explanation of PBKDF2, via Wikipedia:

PBKDF2 applies a pseudorandom function, such as a cryptographic hash, cipher, or HMAC to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations. The added computational work makes password cracking much more difficult, and is known as key stretching. When the standard was written in 2000, the recommended minimum number of iterations was 1000, but the parameter is intended to be increased over time as CPU speeds increase. Having a salt added to the password reduces the ability to use precomputed hashes (rainbow tables) for attacks, and means that multiple passwords have to be tested individually, not all at once. The standard recommends a salt length of at least 64 bits.

In short, by enabling PBKDF2, you are increasing your wallet security. We offer different levels of iterations, from 10 iterations up to 20,000. To change the number of iterations and increase your wallet security, log into your Blockchain Wallet, and click on* Account Settings*. On the left hand navigation menu, click on Debugging on the bottom left, and then change the value of your iterations.

**Update: PBKDF2 Iterations can now be found by clicking on Account Settings, then Security. For increased security, all new wallets generated will automatically be set to 5,000 Iterations.

[![PBKDF2-update](http://blog.blockchain.com/content/images/2014/11/PBKDF2-update.png)](http://blog.blockchain.com/content/images/2014/11/PBKDF2-update.png)
PBKDF2 wallet configuration section
If you have a suggestion for a Blockchain Quick Bit, please reach out to us on [Twitter](http://twitter.com/blockchain), [Facebook](http://facebook.com/), or comment in the box below!