Founded by Maarten Billemont, Spectre aims to address the growing trend of corporate ownership over our digital identities on the Internet.
Maarten Billemont began his professional work in the security industry at Secuteam, where he worked on a hardware firewall product for small businesses. The AXS Web box formed a one-stop solution for protecting a business network from spam and intrusion, while ensuring reliable auditing capabilities. The product was beefed up with SNMP-based health monitoring and automatic fail-over to avoid any single point of failures.
In 2007, Maarten joined the team at Lin.K in developing a centralized multi-factor identity management platform. The solution integrated multiple security levels by combining password-based, email, SMS and smartphone to smartcard authentication through government-issued electronic identity cards. The final product yielded a centralized data-store for users to selectively share their private information through SAML/OpenID with interested parties via single sign-on while retaining full privacy and access control.
At this point it had become clear that web hosts were unlikely to universally adopt strong authentication technology. At the same time, user agents were moving too slowly to encourage adoption of stronger web authentication standards.
As the Internet exploded in popularity and businesses quickly moved to make their services available digitally, the problem of online authentication through passwords became one of scale and quickly snowballed out of proportion.
Consequently, web users were inundated with “solutions” to address the growing need for retaining some modicum of security in a world where individuals required strong shared secrets for hundreds of distinct service providers. The go-to solution was always to same: a re-branding of the old sticky note for the digital age brought a wide range of password vaults on offer, each boasting of its military-grade encryption.
When users moved from accessing their digital lives from a single home computer to a multitude of smart devices, it became apparent that these vaults were unable to meet the growing demand for reliable access to one’s many online services as devices quickly went out of sync with each other. Again, the solution was to map an old paradigm to a new one, and vaults moved from local to remote as corporations began hosting our digital identities in their vast cloud networks.
These developments were all toxic for individual control over one’s online persona and ultimately the personal authority over locking down one’s own data and privacy. This became all too apparent when the PRISM program became public knowledge and the extent of corporate collaboration with hidden government initiatives for mass civil surveillance was unmasked.
In 2011, Maarten began work on an algorithm to address the pervasive problem around password security.
The foundational principle was statelessness: where state is the act of keeping information safe by saving it in a certain location, statelessness is the idea of developing solutions that do not require any information be saved at all. Where there is nothing to save, there is nothing to keep safe. There is nothing to protect and nothing that can become compromised or unavailable.
Developing a stateless cipher that was capable of balancing between the many needs of a complete password solution – including producing secure results, defending against cipher attacks and remaining compatible with a wide variety of website password policies – took research, feedback from the security community, and multiple product iterations.
The first version of the product was published under the name
One Passwordon January 4th, 2012.
The product was renamed to
Master Passwordand first released on Apple’s App Store on June 26th, 2012.
Master Passwordavailable for professional environments, on December 3rd, 2013, the first command-line interface was published.
Multi-platform access was critical to ensure equitable availability and on June 8, 2014, a cross-platform desktop solution was launched.
The product was redesigned and on August 28th, 2014, the solution came to Mac computers and Android devices for the first time.
Pushing general availability further, on October 23rd, 2014 came the first web-based solution to accessing your passwords through the cipher.
On February 10th, 2018 began the major effort of rewriting and modernizing the solution, forming the foundation for scaling up the product.
November 2019, the product was rebranded and major internal effort was put into bringing the original
Master Passwordsolution to the mass market.
The first alpha version of
Spectrewas made available to beta testers on November 21th, 2020.