Hey Andy. Can you reproduce the problem with a test user and/or
a test master password? If so, please specify the test user name,
master password, site name and resulting password on various
as I encountered the same Issue with my new LG G4 I built the app from source and did some debugging. Compared to an emulator (from android-sdk) everything was exactly the same (masterpassword, masterKeySalt, etc) but the generated masterKeys were different. Obviously the scrypt call returns unequal values for equal parameters.
Spontaneously I suppose either the different Android version (5.0 vs 5.1) or the different architecture (x86 vs arm_x64) to cause the bug in scrypt.
I had a few minutes today and had a closer look at wg's libscrypt. As you probably know it distinguishes three different loaders (sys, jar and nil).
Sysloader which is used by default leads to mentioned behavior.
JarLoader throws an Exception and
NilLoader with its Java implementation returns the expected key though it takes almost a minute to derive the key.
In case you my need a helping hand investigating this issue feel free to contact me and I'll see what I can do
on 22 Dec, 2015 02:33 PM
I have the same issue on a Sony Xperia Z5 Compact, Android 5.1.1 (current official release)
The web/desktop versions deliver the same result, android not.
Note: the Username I tested with contains a "special" character 'é'
your Nexus 5x has the same 64bit CPU as the LG G4 I own. As I pointed out earlier there's a bug in the 64bit Library Maarten ships with his app. So you have to wait until he will release a new version with a fixed library or get yourself another app.
On the bottom, there is a new button "Integrity Tests". From
this screen, we run the standard Master Password test suite. If you
get unexpected passwords, these tests should fail.
If so, see if disabling "Use native key derivation" helps. The
toggle is on the bottom of the tests screen. Note: It will likely
make key derivation extremely slow. Key derivation is only needed
when the user's name or master password changes (or the app
I tested using the apk you linked above. When the "Use native key derivation" checkbox checked, the test immediately fails, saying "Incompatible device or OS". With the checkbox unchecked, the progress is extremely slow indeed but it eventually seemed to have passed. When I came back to the screen after ~2 hours, the test window has gone. I don't know why. But I verified all the tests were passing until it had been running for ~30 minutes.
I can verify Jinwoos experience - it was exactly the same: with native fail; without extremely slow (test took about 70 min) but all tests were successful. Additionally I removed the arm64-v8a libscrypt to provoke the usage of the armeabi-v7a library and with it the native key derivation test were successful too (about 60s)