It is called stateless (or deterministic) password manager.
First of all it's not a key-derivation algorithm but a "combination algorithm" which generates way-much stronger keys other than bcrypt,scrypt and argon2. We will put benchmarks soon.
Most of the stateless password managers just uses one type of key-derivation algorithms but Forgiva uses a lot of encryption and hashing algorithms added depending on the master-key.
Tying algorithm order with master-key makes it impossible to determine an estimation time (and processor cost) for a brute-force attack session. This puts Forgiva one step beyond others. Please take a look at iterative-hashing and iterative-encryption methods at open source implementation
Forgiva surpasses most of the arguments against the idea and presents stateless password managing as a great method to get protected.
First of all we must understand how malwares attack to existing password managers. You can take a look at Citadel Trojan for example. They hijack your interaction with computer and try to fetch all the actions you make to unlock authorizations. First and foremost they track your keyboard and get key sequences to determine the password you enter. And if it is possible on some cases they hijack into application memory to dump stored master-keys.
In Forgiva, we understand this risk and we put counter-measures to harden theft attacks. We put visual confirmation mechanism and we put certification system. By those, even a malware steals your master-key it is not enough to re-generate your passwords. It should find out (by monitoring your screen) your visual confirmation pattern and certificate data (by accessing your filesystem).
By these measures, Forgiva protects you much better than other major password managers.
Forgiva does not generate your password only by using your master-key but certificate and visual pattern. And on some cases if you renew your password, it uses renewal details too.
Passwords, generated by Forgiva are offered with 16 characters minimum (you can go up to 32 characters by default) of length and 70 bits of entropy guaranteed on normal complexity level. And it is called on strong level for financial institutions and military grade applications.
Thus it is not expected for any site to deny Forgiva generated passwords.
You can take a look at open source implementation of Forgiva at https://github.com/sceptive/Forgiva. Algorithm details are well written and open to everyone.
Practically it would take at least a few life-times if you use a good master-password with 60 bits minimum.
Let's consider the account of Bill Gates with "facebook.com" host, "email@example.com" account and "forgiva is the best" password. on a Macbook Pro 2014
To crack a password with 73 bit entropy it would take ~6 million years to complete all combinations on Normal complexity.
On Intermediate complexity it will take ~24 million years and on Advanced complexity it will take ~280 million years to reach all combinations at minimum.
Forgiva is developed by Sceptive, a professional security firm with talented hackers servicing to financial corporations, military agents and various highly-graded corporations all over the world.
Idea and major development has been done by Harun Esur, founder of Sceptive.