The 64 bytes long key derivation is stored in 'master_passphrase'
pref, together with number of rounds used in its computation.
Introducing also two new common prefs:
master_passphrase_salt - holds a randomly generated 64 bytes
for use as salt with PBKDF2. Base64-encoded.
master_passphrase_pbkdf2_rounds - number of rounds (or
iterations) for next passphrase key derivation
The latter can be tweaked by user in case they want to use more
or less rounds, e.g. if they're running on weaker hardware and
KD with default number of rounds takes too long.
This is to help diferentiate between passwords coming from
accounts, plugins, etc., and the master passphrase used in
an AES encryption key for encrypting these passwords.
Passwords are only decrypted before their actual use, not
while loading from accountrc.
Passwords are stored as "{algorithm}base64encodedciphertext",
encrypted using AES-CBC cipher, with PASSCRYPT_KEY used as
and encryption key.
Optionally, the encryption key, also known as "master password"
can be changed by user.