The best and most secure password manager

[phyzguy]

This discussion is not increasing my confidence in password managers. I think I'll stick with my physical notebook.

 

[symbolipoint]

This discussion is not increasing my confidence in password managers. I think I'll stick with my physical notebook.

But for many users, they can be very convenient. Try more than one and see how well you can adapt and learn. Look to the product's help forum (IF ANY) for guidance just in case some real help is possible.

 

[phyzguy]

But for many users, they can be very convenient. Try more than one and see how well you can adapt and learn. Look to the product's help forum (IF ANY) for guidance just in case some real help is possible.

Convenience was never the issue. It's all about security. Using the same password '1234' for all sites is also very convenient.

 

[symbolipoint]

Convenience was never the issue. It's all about security. Using the same password '1234' for all sites is also very convenient.

But they both are - not just one - not just either or.

We need a password for SECURITY and we can write it in a note someplace where most people do not know where to look. We can do this for many usernames and passwords for site accounts.

We WANT a password manager program for CONVENIENCE to help us with SECURITY.

 

[sysprog]

The better target is wherever both parts exist together. One such place is your PC.

Only during password validation is the clear text password in your PC.

Somewhere in memory your real password exists.

Not after password validation is concluded.

If it's a laptop, and you've ever gone into hibernation, chances are the real password may still exist somewhere on disk as well.

The memory content gets compressed and temporarily saved to the disk during hibernation, but during your session, the memory doesn't have your clear text password anyway.

Laptop stolen? So were your passwords.

Not so, unless you manually saved them in clear text in a cheat sheet file. Only hashes are stored on the HDD by Windows, OSX, or Linux.

Of course, an encrypted Excel file has the same problem, and an unencrypted Excel (or plain text) is even worse.

Excel used weaker encryption comparatively late into the game, and has an escrow policy option that if exercised weakens the overall security, but does not anywhere store passwords in clear text.

For those (Greg Berhardt and symbolipoint?) who use Chrome and Firefox to store their passwords, please bear in mind that they store them in plain text and that it's very easy to display them.

It's easy for you to display your own passwords, but if you do a switch user to another account, you won't get the clear text passwords for the prior account.

Anyone having a direct access to your computer can see your passwords and it's likely possible for online crackers to get their hands on them too.

Only while you're logged in are the passwords available to you in clear text. They're encrypted using the Windows DPAPI (Data Protection API), which makes them no less (or more) secure than your Windows login. You can test these assertions by attempting a direct find of the clear text for a password on the HDD or in a memory dump.

 

[Vanadium 50]

Somewhere in memory your real password exists.

Not after password validation is concluded.

You sound certain.

Let's go with an oversimplified example. Your password is abcdef. The algorithm to generate the real password is to add together the piece on disk, aaaddd with the piece in the cloud, 012012. You are telling me that after the authentication neither 012012 nor abcdef exists anywhere in memory and you are 100% sure of this?

 

[fluidistic]

It's easy for you to display your own passwords, but if you do a switch user to another account, you won't get the clear text passwords for the prior account.

I do not think so. If you have the chance to be logged into another account, then you reboot and plug a thumbdrive with almost any Linux distribution on it. Then you have access to all files from the Windows (or even Linux) users, unless they have encrypted their hard disk.

 

[sysprog]

You sound certain.

Please trust me when I assure you that if I ever seem certain and later turn out to have been wrong, it won't have been the first time such a confluence of events has occurred.

Let's go with an oversimplified example. Your password is abcdef. The algorithm to generate the real password is to add together the piece on disk, aaaddd with the piece in the cloud, 012012. You are telling me that after the authentication neither 012012 nor abcdef exists anywhere in memory and you are 100% sure of this?

I can't say what the interaction between 'the cloud' and the client is. If your login password is abcdef, and its encrypted hash is aaaddd, it is not clear to me what 'piece in the cloud' is ever added with aaaddd. What is stored on the site for which you have a login password is its server's own hash of some other clear text password, say abcxyz. That clear text password is not stored on your machine when your browser remembers a password for you.

If your browser, e.g. Chrome, remembers abcxyz as your password at site1.net for you, it uses the DPAPI to generate an encrypted version of it that is dependent on your Windows login. When you return to the site to log in again, and Chrome remembers abcxyz for you, it doesn't pull it in from clear text on your machine. It retrieves it in the form in which it had previously encrypted it using a key that is dependent on your Windows login password, and decrypts it by again calling the DPAPI.

Here's a link to an article describing the DPAPI: https://docs.microsoft.com/en-us/pr...55(v=msdn.10)#windataprotection-dpapi_topic04

In my post, I used the words "clear text password" instead of your term "real password". Specifically, in response to your contention "Somewhere in memory your real password exists.", I responded, "Not after password validation is concluded."; i.e. the password that you just entered at the Windows login prompt is NOT stored for the life of the session, but is discarded at the completion of validation.

Subsequently, during the Windows session, when Chrome offers to remember a password for a site, having intercepted the clear text password, if authorized by the user to save the password, uses the hash of your Windows password to generate a key by which to encrypt, to a new hash, your password for the site, and stores that hash in its own local database on your PC, NOT on its servers.

If you disconnect your machine from the net, you can still clear saved passwords from Chrome. (I'm not referring here to authorizations to use your Google account credentials.), because the encrypted passwords are stored locally. All that has happened is that Chrome has encrypted a site password using indirectly a locally stored hash of your Windows login password, and has stored the hashed result locally on your machine. That password is not compromised if the integrity of your Windows login password is intact.

If you log off and power off your machine, a subsequent possessor who does not have your login password will find it encrypted, and will find any site passwords saved on the machine by Chrome to be also encrypted. All the data that is encrypted via the Windows DPAPI, or (on non-Windows machines) via the OSX or Linux keychain mechanism, is dependent on your login password.

That leads to the question, how difficult would it be to find your hashed login password by reading the HDD, and then transform it the same way the DPAPI would, and then use it to decrypt everything that was encrypted using DPAPI, i.e. all your site passwords?

The DPAPI article linked above says:

Because DPAPI requires a password to provide protection, the logical step is for DPAPI to use a user's logon password, which it does, in a way. DPAPI actually uses the user's logon credential. In a typical system, in which the user logs on with a password, the logon credential is simply a hash of the user's password.
​

From your post:

Laptop stolen? So were your passwords.​

and from my response:

Only hashes are stored on the HDD.​

If the login password hash can be recovered and used to decrypt the other hashes, then storing the hashes for the browser-saved site passwords instead of saving them in clear text offers only a veil of obfuscation against someone in physical possession of the device, rather than the strength of the encryption algorithm by which the hashes are generated -- no encryption algorithm can offer secrecy greater than the secrecy of its key.

So, on review, I can't say that I'm sure that someone who steals your PC can't use reasonably straightforward forensic techniques to recover all your site passwords that your browser remembers.

 

[sysprog]

The page at:

https://www.nirsoft.net/utils/dpapi_data_decryptor.html​

describes a freeware DPAPI decryptor tool, and gives the following download link for it:

https://www.nirsoft.net/toolsdownload/dataprotectiondecryptor-x64.zip​

Another NirSoft page at

https://www.nirsoft.net/utils/chromepass.html​

describes a Chrome-specfic password recovery tool with the download link as follows:

https://www.nirsoft.net/toolsdownload/chromepass.zip​

I will on a test machine see whether I can use these and other tools to decrypt Chrome browser-saved passwords using only found hashes. I'm skeptical, because, as far as I can tell right now, the commercial password recovery products don't say they can do that. They tout their ability to get your other passwords given your Windows login password in clear text, and the ability to reset your Windows login password, but I don't see any of them claiming to be able to recover your Windows-login-password-dependent other passwords without your clear-text Windows login password.

 

[elusiveshame]

You sound certain.

Let's go with an oversimplified example. Your password is abcdef. The algorithm to generate the real password is to add together the piece on disk, aaaddd with the piece in the cloud, 012012. You are telling me that after the authentication neither 012012 nor abcdef exists anywhere in memory and you are 100% sure of this?

DB queries are held in memory until it's no longer needed, Windows passwords are hashed in memory until a reboot, and if you use cookies - your hash, or some authentication, is in memory (of some form). Remember - you have to authenticate every page load to ensure you have the proper access. Can't do that if something isn't in memory stating you have permission.

 

[sysprog]

DB queries are held in memory until it's no longer needed, Windows passwords are hashed in memory until a reboot, and if you use cookies - your hash, or some authentication, is in memory (of some form). Remember - you have to authenticate every page load to ensure you have the proper access. Can't do that if something isn't in memory stating you have permission.

The reason for the question raised by @Vanadium 50 had more to do with whether the DPAPI is adequately protective against someone who is in possession of the machine. The later part of the discussion was regarding whether the hash of the Windows login password could be retrieved from a physical search of the HDD, and used to produce passwords secured by the DPAPI. There is an opacity component of the DPAPI that is intended to make that difficult. For my part, just how possible or difficult that might be remains to be seen.

 

[rcgldr]

How secure is the encryption used for password protected zip files? If it's good enough, you could zip a text file with some random text patterns embedded along with the actual password info.

 

[sysprog]

7-zip is open source, and can use AES-256, which is strong.

 

[harborsparrow]

Sorry to find this
https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

 

[vela]

It's apparently part of a widespread set of breaches.

https://arstechnica.com/information...s-caught-up-in-the-twilio-hack-keeps-growing/

 

[Vanadium 50]

I don't consider the LastPass breach as terribly dangerous. Did they get any master passwords? No. (And they can't, since LastPass doesn't know them. This has other issues, but this isn't one) Did they get any credit cards? No. Did they get any client PII? Again, no. Might they have gotten some code? Yes. The idea behind public-key encryption is not to rely on "security by obscurity" so in principle the code is unhelpful. In practice, it's hard to say.

They got access somehow to a development system, presumably through carelessness, malice or greed on the part of an employee. Thing is, I don't think this is something that can easily be protected against. Does Company X have better employees than Company Y? How would you even tell.

The Authy breach looks more troublesome.

 

[Greg Bernhardt]

For work we use https://1password.com/ so that must be decent.

 

[harborsparrow]

I don't consider the LastPass breach as terribly dangerous...

My understanding is, they copied a portion of the source code. That would certainly be enough to cause me to stop using the product at this time, in an abundance of caution.

 

[FactChecker]

My understanding is, they copied a portion of the source code. That would certainly be enough to cause me to stop using the product at this time, in an abundance of caution.

I don't think I would worry too much about that. Some of these systems are open source and it is not a problem. Just don't download a new version from an unsafe source.

 

[harborsparrow]

I don't think I would worry too much about that. Some of these systems are open source and it is not a problem. Just don't download a new version from an unsafe source.

The accounts I have read all emphasize that some of the IP (intellectual property) of the company was also stolen, and researchers have specifically warned that they expect information from the breach will be used to further probe the company's defenses. I take that seriously. It clearly wasn't just the open source portions of the code that were taken. https://www.darkreading.com/cloud/lastpass-data-breach-source-code-stolen

 

[FactChecker]

The accounts I have read all emphasize that some of the IP (intellectual property) of the company was also stolen, and researchers have specifically warned that they expect information from the breach will be used to further probe the company's defenses. I take that seriously. It clearly wasn't just the open source portions of the code that were taken. https://www.darkreading.com/cloud/lastpass-data-breach-source-code-stolen

Good point. It might help them to get other information from a website that has passwords. My point about open source is that the code alone is probably not a problem, whether open or proprietary.

 

[Vanadium 50]

This is why "security by obscurity" is a bad idea. One should design a system that is secure even if a bad actor has the complete source code. Because sooner or later, he will.

 

[anorlunda]

Here's a passage from the linked article.

"An additional consequence that can occur from stolen or leaked source code is that this code can disclose secrets about an application's architecture," he said via an emailed statement. "This may reveal information about where certain data is stored and what other resources an organization may use. These factors could then equip bad actors to inflict additional harm on an organization after the fact."

Hasn't it been the mantra of security experts since the dawn of time that security via obscurity doesn't work? If it's really secure, the source code could be published. That view is subject to criticism, but so is the opposite view that stolen or leaked code must be a risk.

Edit: I see that two others posted that point before I did. Oh well.

 

[Vanadium 50]

There are good reasons to keep the source code private - e.g. "we plan to sell the object code". Security is just not one of them.

 

[fluidistic]

7-zip is open source, and can use AES-256, which is strong.

7 zip used to be insecure (main programmer wouldn't fix old security flaws regarding encryption). I would suggest the use of a password manager instead.

Passwords are becoming obsolete nowadays. At the very least, I suggest using 2FA or MFA for important accounts, like your email account from which a malicious hacker could get the control over most of your accounts. Do not use SMS authentification, rather use a hardware dongle with FIDO capability.

 

[Wrichik Basu]

Do not use SMS authentification, rather use a hardware dongle with FIDO capability.

I get your point — even the phone can be hacked, and then the SMS or email authentication will not provide any safeguard. But a physical key has a few limitations. First, the cost. Secondly, there is a finite probability of losing it, which means that it will be safer to attach two keys to each account so that there will be one for backup. But that adds more to the cost.

 

[anorlunda]

My understanding is, they copied a portion of the source code. That would certainly be enough to cause me to stop using the product at this time, in an abundance of caution.

When you find a perfect system free from risks, be sure to let us know.

 

[Vanadium 50]

I suggest using 2FA or MFA .

The problem with 2FA is that most use your cell phone, which makes losing it even more of a crisis.

There is a complex optimization problem involving security, convenience, reliability, cost, etc.

 

[fluidistic]

The problem with sms as 2FA is not getting your phone stolen (after all, it should be encrypted unless you're Evo Morales), it's that you open yourself to sim swapping attacks, where a malicious person impersonate you in a phone call, saying he lost his phone, and he then gets a new sim card with your number, gaining access to your second FA.

Yes, getting a dedicated hardware for security isn't free, maybe from around 20 usd up to 250 usd. But it may still be worth it. There are several types of.them, and losing one of them may have different consequences.

I use one such hardware, it's just password plus having to press a button on that hardware. If I lose my cell phone, I don't lose any access to any of my account. If I lose this special hardware, I'd need to buy a new one (and insert a seed phrase that I backed up in different physical places in case of a H bomb attack).

 

[vela]

My understanding is, they copied a portion of the source code. That would certainly be enough to cause me to stop using the product at this time, in an abundance of caution.

What would give me pause about using Lastpass is the number of security issues the company has had over the last decade or so.

https://en.wikipedia.org/wiki/LastPass#Security_issues

Perhaps it's unfair of me, but it doesn't inspire confidence in the security of their code.

 

[Vanadium 50]

is the number of security issues the company has had over the last decade or so.

Would it make you feel better if they didn't report them?

 

[harborsparrow]

I've said this before: by nature, a password manager company has a big red target painted on it because of the high value of the data it is managing. As vela wrote, I too find it appalling that they allowed their code to be grabbed. Somebody just screwed up, big time.

 

[FactChecker]

I've said this before: by nature, a password manager company has a big red target painted on it because of the high value of the data it is managing. As vela wrote, I too find it appalling that they allowed their code to be grabbed. Somebody just screwed up, big time.

It's a trade-off. Using one main password to encrypt many diverse passwords (I have over 100 of them) can have some security benefits. IMO, it is inevitable for an average person with a large number of passwords to get a little careless with them. A password manager company can use some very good methods to protect the set of passwords. For instance, they could use a master password that is over 50 random characters long and only stored on the user's computer.

 

[harborsparrow]

IMO, it is inevitable for an average person with a large number of passwords to get a little careless with them.

As a sysadmin and programmer, I am "an average person" with literally hundreds of passwords, some really important. When the world got to where we had to use unique passwords everywhere, I started using a system of templates and hints that is entirely personal to me. I don't think it likely that anyone will be able to decipher my system, and they allow me to use complex, unique passwords for everything. I write my hints down publicly, but I've never told a single soul what they mean.

I debated the password manager but it just doesn't make sense, IMO, to put all one's eggs in one basket. And, I want this information under MY control rather that some anonymous programmer. I am forced to change passwords from time to time, and so far, my hint system has held up.

To each their own in this matter!

 

[FactChecker]

Many security systems use publically available algorithms to encrypt their data. Keeping the algorithm secret is not essential for their success. Their strength is in things like using random keys that are very unlikely to be guessed, multi-factor authentication, public/private key encryption, etc. I believe that some companies are already adopting methods to prevent quantum computers from breaking their codes.

 

[harborsparrow]

Why should their code even be stored on an internet-accessible computer? Yes, it would be less convenient for programmers, but if I were managing such a company, that code would not have been stored anywhere that it COULD be stolen without physical access. Of course, we don't know how it was stolen, but just saying.

 

[Wrichik Basu]

Why should their code even be stored on an internet-accessible computer? Yes, it would be less convenient for programmers, but if I were managing such a company, that code would not have been stored anywhere that it COULD be stolen without physical access. Of course, we don't know how it was stolen, but just saying.

At the same time, we also have open-source password managers like Bitwarden. So, security can be tight even if the code is public. But if the code is regarding something on their server setup (for example), then that definitely shouldn't be kept on a server that has internet access.

 

[vela]

Would it make you feel better if they didn't report them?

It would make me feel better if they didn't have any issues to report in the first place.

There's an update to the last breach. It turned out to be worse than LastPass originally thought.

https://arstechnica.com/information...ned-vault-data-and-a-wealth-of-customer-info/

 

[harborsparrow]

The report back in August was dire enough due to this phrase: "cloud storage access key and dual storage container decryption keys were obtained"

This tells me off the bat that they are using the cloud, which frankly I find horrifying. How much software exists in the cloud that is not under LastPass control? How can they advertise that their product is secure if they are using cloud-based servers? It boggles the mind.

 

[fluidistic]

I use KeepassXC since 2015.

 

[phyzguy]

I feel better and better about my hardcopy notebook.

 

[pbuk]

This tells me off the bat that they are using the cloud, which frankly I find horrifying.

Oh no, a cloud-based password manager is using the cloud: why weren't we told? Good job we are safe on forums like PhysicsForums, no cloud-based nonsense here. Connecting computers together and storing stuff on them is all very well, but it would be stupid to allow anyone to access any of it.

Oh wait.

 

[DaveE]

I feel better and better about my hardcopy notebook.

You mean the one in your desk drawer where you probably didn't write out the whole pw anyway? Like this?

So you're in Uzbekistan or Panama and want my passwords? You might have to come here and break into my house. Sure, the NSA can get in, but it isn't as easy as it looks. You may find it easier to work on getting a whole boatload of passwords at once. You know, like, from the cloud.

BTW, go ahead and guess. Sell it in Russia. I don't care. That device is history. I'll buy disk drives from WD, but I'm not really on speaking terms with their other business units.

 

[phyzguy]

You mean the one in your desk drawer where you probably didn't write out the whole pw anyway? Like this?

Exactly! That's exactly what I do. Even if someone somehow got the notebook(unlikely), they would still need to decipher the missing characters that I don't write down.

 

[vela]

Perhaps it's unfair of me, but it doesn't inspire confidence in the security of their code.

Apparently, my lack of confidence wasn't misplaced.

Jeremi Gosney summarizing the situation with LastPass

It looks like LastPass can definitely be crossed off the candidate list of the best and most secure password managers.

 

[anorlunda]

It looks like LastPass can definitely be crossed off the candidate list of the best and most secure password managers.

Ouch. I've been a satisfied LastPass customer for several years. But after reading that blog post, I'm going to switch.

 

[Wrichik Basu]

Apparently, my lack of confidence wasn't misplaced.

Jeremi Gosney summarizing the situation with LastPass

It looks like LastPass can definitely be crossed off the candidate list of the best and most secure password managers.

Very well. I have been using Bitwarden for quite some time after LastPass limited free users to either the PC or phone. I bought the paid version of Bitwarden last month, and the primary reason was that it was OSS, and then it was fa cheaper compared to others.

Even then, I didn't delete my LastPass account. I read the article you linked in #88, and decided it was time to delete my account. After reading the article you linked, it seems I took the right decision. Now it also seems that I should change my passwords as well, which is frustrating.

 

[anorlunda]

Don't forget that you should have your most secure accounts (banks, investments, email, ...) should be protected with multi-factor authorization. If they are, a hacker who cracks your password still can't get in, and you may get notified if he tries.

 

[Vanadium 50]

It looks like LastPass can definitely be crossed off the candidate list of the best and most secure password managers.

Why?

I am annoyed with them too (and there are unquestionably things it does poorly), but not for this breach.

• Password Managers will always be targets. Popular password managers will always be big targets,.
• Passwords are not compromised. Worst case, billing information was stolen. Just like at Target. And Facebook. And Yahoo. And linkedIn. And Marriot.
• There is some evidence that this was partly an "inside job". That will always be hard to protect against. If the US Department of Defense can't, why should we expect anyone else to?

Password Managers might make you 10x or 50x as secure. It's in my view a mistake to avoid them because 10 is not infinity.

 

[vela]

Password Managers might make you 10x or 50x as secure. It's in my view a mistake to avoid them because 10 is not infinity.

I'm not suggesting avoiding password managers in general, just LastPass as the company has repeatedly made poor choices. Use a password manager from a company or project that takes security seriously.