Master Password Backup

ignoramous: > And…? Android (the OS) prefers it does not have to “handle” master secrets… ??? lyricism: > I think the issue is just that you can’t really measure entropy of a non-random password. Cryptographic entropy is a property of the mechanism by which the password was generated, not the password itself. That’s why a passphrase of x characters has less entropy than a password with x characters. If someone creates a password that’s just their name any entropy estimate will be inaccurate. You need a secure random method of generation for any entropy estimates to be accurate. For example: You generate 12 characters out of a pool of 30 characters. The entropy is 5.31441×10¹⁷, expressed in base2 it would be 58.9bits of entropy.