The quest for a family-friendly password manager (dustri.org)
111 points by jhvkjhk on Jan 2, 2023 | hide | past | favorite | 137 comments


If you're looking at this problem not as a technical person, but just as someone looking for the most practical solution to the problem ... Chrome's built-in password management is the obvious mass-market solution.

It suggests (relatively) strong passwords, it discourages password re-use, it surfaces when you use passwords that have been found in a data breach, and it allows you to access these passwords across devices.

I have no idea about the cryptographic strength of Chrome's offerings, but the fact that it is the leading browser worldwide means that it's going to be dead-simple for most people to adopt, even those who are decidedly non-technical.

(Personally, I use Bitwarden and 1Password, but I'm a software engineer. I would not expect my elderly family members to do the same, especially because both involve installing and maintaining browser extensions that can be finicky when Chrome updates.)


> Personally, I use Bitwarden and 1Password, but I'm a software engineer. I would not expect my elderly family members to do the same, especially because both involve installing and maintaining browser extensions that can be finicky when Chrome updates.

I've used 1Password for several years now. A couple years after I started using it, I upgraded to the family plan and got my wife into it. Granted, she's not elderly, but she's not exactly confident about technology. I was able to get her pretty comfortable with it in about two weeks. Now, we can easily share credentials with each other for things like Netflix or certain accounts we've set up for our kids by just putting them in our shared vault.

I'm sure if I was trying to get my grandma to use it, she wouldn't get it, but in my experience 1Password at least is accessible to the non-techies among us.


I'd agree with this and, in a bit more bitter sentiment, I don't understand why absolutely everything has to have an extremely low learning curve. If you can drive a car or bake some bread, you can take the literal 30 minutes it takes to learn how to use a (brilliantly designed, in my opinion) UI/UX tool like 1Password.


Just to add, my daughter has been using 1pw since she was 9. This is just how passwords are managed in my family now. This is the way.


I love Chrome's password manager, but the flow is not good at all for iOS (because other dedicated password manager apps integrate with the OS).


Chrome on iOS integrated with the OS password system several years ago, it's just disabled by default and not easy to find the setting.


Chrome uses the host OS's cryptographic APIs (i.e. DPAPI on Windows), which in turn usually relies on the user's PIN/password.


This is the main reason to avoid browser based password managers: just plug in a USB with portable Firefox and 'import' the passwords into Firefox; nothing will try to stop this.

If the user is logged into the PC, everything is available to extract; nothing is really preventing any extraction besides the Windows user account.


Chrome is also one of the most secure options. Google has a well deserved reputation for incredibly strong security.


This is false in some scenarios. Dumping browser credential vaults as well as extracting from active memory have both become de facto standard post-exploitation behaviors.

References are many:

https://kylemistele.medium.com/stealing-saved-browser-passwo...

https://isc.sans.edu/diary/Use+Your+Browser+Internal+Passwor...

https://www.cyberark.com/resources/threat-research-blog/extr...

https://www.bleepingcomputer.com/news/security/redline-malwa...


It's all a question of your threat model. The biggest threats I see for most users are:

1. Password reuse, where a relatively unimportant account (shopping site) getting cracked gives the attacker the same password you used for a critical account (email).

2. Phishing, where you enter your password on a fake login page.

3. Lost device, where someone finding it can easily impersonate you on any site you're logged into.

A password manager handles (1), and if it auto-fills reliably on websites (as Chrome's does) that handles (2) as well. For (3) you want disk encryption, which is now standard on phones and is an easy option on laptops as well.

After these, my next concern would be compromise of the cloud-based password backups. Here is where your parent's comment on Google's security is relevant: Google (disclosure: I used to work there) has an excellent security team and there are few companies I would trust more to keep cloud vaults secure.

The attacks your links are talking about start by assuming someone has full access to your computer. While putting some bumps in their way at this point is nice, I guess, there's nothing stopping them from keylogging their way past any password manager you choose.


Just want to note, Chrome's password manager solves (3) as well. The passwords are stored encrypted on disk.


The threat model where someone is able to run malware on your machine, but not run a keylogger to grab your master key for your password manager seems sorta absurd.

Yes, if someone installs malware on your machine (in your user account), they can grab the Chrome password vault. But in that case, 99% of the time they will be grabbing the password vault of other providers as well.

Also, note that the Chrome password vault is encrypted on disk.


What worries me about this is Google's history of happily nuking your Google account when you do something as simple and legal as a chargeback.

You won't just lose your email and bookmarks but all your passwords... Also, it's a much bigger surface area target, and the auto syncing to new machines you sign into is a concern. I don't want passwords to be "accidentally synced" to any machine my family signs into. I want them to knowingly sync their passwords to them. Be MINDFUL of what they're doing. No, thank you.

As the default administrator/CTO of the family I'd rather suggest Bitwarden and safer practices.


Are Chrome accounts separate from Google accounts generally, i.e. will the passwords go poof if your gmail account gets banned for mysterious reasons?


Unsure, but it's incredibly stupid about certain passwords. 2 examples I've seen.

I use a portal for work, and enabled MFA. Every time I put my MFA PIN in, it tries to replace the stored password. If I let it, accidentally, there is no history of the old password.

2nd example. When I was looking for a job, lots of companies seem to use a similar job/HR portal (Workday) that has some variant of portal.company.com. Chrome thinks these are all the same, so to store the passwords, I have to replace the old one, which loses it, and again there is no history...


Then again, Google has an overwhelming window into everyone's private lives. Perhaps giving them passwords is adding fuel to the fire.


I read his requirements and thought Bitwarden met all of them. The author discusses Bitwarden and, instead of acknowledging it meets their expectations, points out more issues.

I don't really see why a "family-friendly" version cares about the underlying tech or filesize of the CLI clients, but maybe grandma or kids these days do get upset when they run a program that is 8.0 × 10^-5 of their 1TB HD.


Yeah, that is a weird criticism. Even if the size of the CLI client were an issue (which I agree it's not), how many people in their family even know what a CLI is and how to use one? I'd imagine that the average number of people in a family who would prefer a CLI to a GUI is less than one.


Bitwarden is good but I don’t understand why I need to make an account to use it? I wish more software followed 1Password <= v6 and allowed me to store my vault and access it locally anywhere.

It “just worked” on any device that could sync the vault. Now they’re a pay-to-play service without that feature.


To forward your secrets to your family (shared vaults) you need a remote vault that both sides connect to. That's their implementation choice... but given that BW is OSS, you could theoretically change that behavior if you know how.


I have only ever used it with a Vaultwarden backend and it's been fantastic.


The underlying tech of your password manager where you store all of your secrets is very pertinent. If it is poorly built, your secrets are no longer secrets.


I recently had to coach a co-worker to do something more sane than store her passwords in a plain text file on her private Google Drive (seriously!). This is what real people do when you confront them with a lot of complex security. The reason I discovered this was that I had to talk her through setting up 2FA for our company's Google account because she lost her phone. And then I discovered that she was copy pasting passwords from this stupid text file. Which, btw, really sucks on mobile.

She's now a Bitwarden user. Mind properly blown. Next she'll be using it to use generated passwords. Amazing. Bonus points if she starts using 2FA for her private accounts. From what I've seen she doesn't and she uses a small set of easily guessable passwords all over the place. But at least they now come from a password manager. But it's not really a scalable solution because I don't have the time or patience to coach all of our people. And yes, we do have a security policy that spells all of this out. I wrote it. It helps but people default to doing the wrong things.

Ultimately, that's why we need to get rid of passwords. There's a group of users for whom all this security stuff is just way too difficult. We need to make it simpler for them to stay secure, not harder. Forcing them to remember lots of different passwords backfired and necessitated password managers. Passwordless logins are now a thing with several companies. It takes a bit of ingenuity to make that work, but it usually boils down to multi device/factor authentication with some ultimate fallback.


> I recently had to coach a co-worker to do something more sane than store her passwords in a plain text file on her private Google Drive (seriously!)

I would have assumed this was an insecure way to store passwords also, but I was using LastPass for the last 2 years, so I'm in no place to talk.


> I recently had to coach a co-worker to do something more sane than store her passwords in a plain text file on her private Google Drive

Oh, so you showed her how to encrypt and decrypt plain text files with readily available tools? Because honestly that's the only thing wrong with her solution.


I'd really not recommend doing that - Google Drive has mangled so many files when edited in place over the years, I'm barely comfortable using it for anything except write-once-read-many things like PDF copies of things.


Yes, what we need is a good proof of identity system -- that's all username/password are trying to achieve. There are several systems out there, including some standards. I guess it's kind of a chicken/egg situation where few logins support it because few people have it and few people have it because few logins support it.


Passwordless systems are shitty in all kinds of ways: difficult for users to understand, must have multiple hardware tokens, rely on 3P (who likely needs a password anyway), lock in to one vendor, difficult to recover from lost device, sometimes uses derived values--putting all past and future values at risk.

They'll have an answer for every critique, but they're usually weak responses that assume tech literate users.


Explain exactly why her solution was so bad, especially as compared to the others, because I'm not at all convinced that it is.

Sure, it's perhaps dangerous to give Google all that power, but I quite literally would trust this more than any third-party password manager that does any type of off-your-computer storage.


OP already mentioned that the UX on mobile was really bad.

A real password manager (like Bitwarden) would be integrated into the mobile OS, and automatically prompt to fill passwords. It also doesn't provide any functionality to generate secure, unique passwords for each site, so it encourages insecure reuse of passwords. Further, it can't notify the user when a password has been compromised and should be changed.

Different people have different threat models, and improving usability of good tools can improve security more than perfect tools would.


If she's signed in to Google Drive on a computer and that text file is synced locally, it can be read by any old process that has just user level privileges. No elevation or anything tricky required.


The lamentations about Bitwarden's heavy clients really ring true. On my phone, simply opening the password manager to unlock the vault can be enough to make the application I was trying to log into go OOM. Integration with my keyboard of choice (SwiftKey) is also questionable and then Firefox adds another layer of weird behaviour that makes autofills too difficult for me to recommend it to my family.

When I first read about the command line Bitwarden client I just laughed at its absurdity. I'm tempted to write my own Bitwarden compatibility library and maybe a command line or GUI that doesn't require an outdated copy of Chrome to run, but doing security software right takes time and research I don't want to commit right now.

I also remember going from my self hosted Bitwarden instance to Vaultwarden and seeing the memory requirement drop several gigabytes. I like Bitwarden's browser integrations for the most part, but the nice GUI comes at a big performance cost.

Perhaps my 900 secrets are too much for a password manager to handle but I don't think whatever computation the program does on the encrypted secrets warrants this much overhead.


I prefer self hosting things, so KeePassXC was actually perfect for me. You have a KeePass client on each of your devices and Syncthing keeps all devices in sync. No third party involved! If you are looking to self host, I compared a few applications in my blog post below:

https://rohanrd.xyz/posts/self-hosting-password-manager/


I think the Dropbox sync is pretty good. I self host and I know the KeePass DB is encrypted, but I don't want to worry that my self-hosting is always immediately up to date. And I trust Dropbox well enough, I think.

I also don't love KeePass getting access to my entire Dropbox. But the easy solution is just to make another Dropbox account with just the KeePass file, and share it with my main Dropbox; it'll sync the edits but force insulate the KeePass permissions to a single file.

I do the same with org-mode sync, might as well


Self-hosting seems somewhat at odds with the family-friendly requirement.


Regarding this, I think I am doing something stupid: I am syncing my KeePassXC database with Syncthing, and I am also using a keyfile. The keyfile, I copy manually from my computer to my other devices. But when it comes to my phone/tablet, I copy the key to some random location in the Android filesystem, say DCIM. Is that... like... ok? Or is it something any app has access to, and people now have my key potentially?


Android is a lot more sandboxed than desktop OSes, where you already have this situation: all software that runs can access your keyfile (hypothetically). I wouldn't be too worried. They still need access to your kdbx file, your password, and to know that your keyfile is a keyfile.

Seems like a low risk unless your threat model includes a nation state that performs a targeted attack against you.


Also using KeePassXC. However, I really would love to have something audited and with a documented threat model. I have the feeling that those programs are developed by enthusiasts and probably would not withstand a serious attack (but this is not really what the typical family worries about, and neither do I).


For me the main barrier has been convincing my family to actually take password management seriously. My entire family has had their emails hacked at least twice due to poor/reused passwords that have been in leaks, constantly forget IDs/passwords, and are constantly overwhelmed with the idea that they need to keep track of all these things.

I've set up a 1Password family and set up accounts/vaults on everyone's computers/phones/tablets, yet they still find it too troublesome to use rather than simply writing passwords down in plaintext in their notes apps or just on sticky notes attached to their computers etc...

If anyone has had success encouraging family to use a password manager I would love to hear any tips, as I've sat my family down every holiday season to reset everyone's forgotten passwords and walk them through everything, practice creating/saving/using passwords and within a day it's all forgotten again. Like backups, I feel like no one takes it seriously until something truly horrible happens.


I used to work at 1Password, and have been a happy 1Password user before that. I recommend it _all the time_, and I carry around a $20 1Password gift card in my wallet to give to people when I recommend it. But I have been trying to get my mom set up on it for months and it's still a struggle :( I was hoping this article was going to say, "FooPassword has great security, and amazing UX and even your mom can easily use it", but alas...

Of the problems my mom experienced setting up 1Password, some I had never encountered. There are at least a handful of things going on that can cause problems, including web browser, internet connection, 1P browser extension, 1P desktop app, OS (at this point my mom has become unfamiliar with all desktop OSes since she has primarily used her smartphone for over 6 years and rarely if ever uses a desktop OS). There are enough opportunities for issues to occur that are trivial for me to troubleshoot, but are non-starters for my mom. And I suspect that my mom's experience is very common :(


I use 1pw and if you have any contacts left there, please urge them to fix their UIs!

The UX is terrible, and on Mac there are at least three different UIs you can open (browser, click on toolbar icon and "full" UI). On Linux I think there are at least two variants, maybe more, don't remember.

Just make one and make it simple and usable. By simple I don't mean Google/Apple-style "hide everything because people are stupid". I mean simple, consistent, reliable, usable and powerful.

BR


Clearly you're not an ex-LastPass user. 1Password is about 100x better!


1p is a fairly complicated UX that fails a lot. Sometimes password autofill shows up, sometimes it does not. If I bring up password autofill, sometimes it shows a list of 0 websites because I didn't use the website association thing when recording the password login, and often because it failed, because the UI fails very easily if it doesn't go down its happy path, or I press back, or the password was rejected, etc.

A lot of this is probably OS & browser vendor limitations, but it ends up with 1p being a power user only piece of software.


I had this problem too. And suffice to say, the one family member we did convert is understandably panicked after the LP breach, and the one who held out is now smug about it.

For the ones who have held out, I gave up and just bought them all one of those "Password Journal" things from Barnes and Noble. Having unique passwords for every site is more important than having an electronic vault, so, baby steps.


My parents use pen and paper as a password manager and it works pretty well for them -- invulnerable to hackers, they never forget passwords, etc.


Use a common prefix or suffix that you don't write down so that even if someone reads your little book (which is unlikely anyway), they won't be able to use the passwords.


Sure, this is great if your biggest concern is password security vs. password breaches. No one using pen & paper is creating new passwords for every site they register for, so they're probably just reusing the same few passwords (or, maybe, with small variations) between sites. Which means they're constantly putting themselves in a position to be hacked, regardless, since breaches expose all your other accounts when you have just one email address.


My parents tried that, but they kept misplacing the notebook in which these passwords were kept, and the passwords were too simple and guessable by half in any case.


I teach "several small unconnected words" as the password algorithm. You can literally crack open a dictionary and pick words at random.
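The "several small unconnected words" scheme from the comment above, as an added example (not from the thread), with the entropy arithmetic that tells you how many words are enough. The word list here is a constructed stand-in for a real dictionary or Diceware list; the maths does not depend on it.

```python
"""Passphrase generation by picking words uniformly at random, plus the
entropy estimate that goes with it.  Added example; SAMPLE_WORDS is a
constructed stand-in for a real dictionary."""
import math
import secrets

# Constructed sample list; a real Diceware list has 7776 entries.
SAMPLE_WORDS = ["apple", "bridge", "candle", "dragon", "ember", "forest",
                "garden", "harbor", "island", "jungle", "kettle", "lantern",
                "meadow", "nectar", "orbit", "pepper"]


def passphrase(wordlist, n_words=4, sep=" "):
    """Pick n_words uniformly at random using the OS CSPRNG (secrets, not
    random.choice, which is not suitable for secrets)."""
    if len(set(wordlist)) != len(wordlist):
        # Duplicates would bias the draw towards the repeated words.
        raise ValueError("word list must not contain duplicates")
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


def entropy_bits(list_size, n_words):
    """Entropy of n_words drawn uniformly from list_size words.
    Assumes the attacker knows the list and the word count; the only secret
    is *which* words were drawn (no credit for obscurity)."""
    return n_words * math.log2(list_size)


def years_to_exhaust(bits, guesses_per_second):
    """Worst-case time to try every passphrase at a given guess rate."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)


def compare(list_size=7776, guesses_per_second=1e10):
    """Entropy and exhaustive-search time per word count, for a 7776-word
    list against a constructed 10 billion guesses/s offline attack on a
    fast, unsalted hash (the worst case a leaked database gives you)."""
    return {n: (round(entropy_bits(list_size, n), 1),
                years_to_exhaust(entropy_bits(list_size, n), guesses_per_second))
            for n in (3, 4, 5, 6)}


if __name__ == "__main__":
    print(passphrase(SAMPLE_WORDS, 4))
    for n, (bits, years) in compare().items():
        print(f"{n} words: {bits} bits, {years:.3g} years to exhaust")
```

Four words from a 7776-word list give about 51.7 bits; six words push exhaustive search past a hundred thousand years even at the assumed rate, which is why six is the usual recommendation for a master password.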


I've had success with my parents and 1Password by only teaching them an extremely limited feature set: how to create new entries, update existing entries, and to copy and paste usernames and passwords. No browser extensions, no autofill features, no URLs, no vaults, no labels, etc.

I think that almost all the friction with respect to password managers relates to autofill, how to make it work, and in particular, how to recognize when and why it's not working.

For non-technical people, this is an intractable problem. It's too much even for a lot of technical people.

It's also why I doubt password managers in their present form will ever get widespread adoption. Their best features are just too finicky. Not due to any fault on the part of the authors -- it's just that the web is a mess, things change, and this kind of thing will always break from time to time.

So, my advice is to distill password management down to its simplest essence and just teach that to non-technical people in the hopes that it will more-or-less resemble the notepad/spreadsheet method, except with a password now.


Have you tried getting them set up with Apple's (if they're on Mac/iOS) or Google's (if they're on Chrome/Android)? Using something built-in is almost always the lowest friction option, and it sounds like it's friction that's keeping them from sticking with the password managers you've tried them on.


I dislike the idea of recommending these OS-specific password managers because what if they need to access their passwords on another machine? But I'm guessing for most folks that's not a concern. I also don't trust them _nearly_ as much as I do 1Password, but that's at least some prejudice on my side.


I’d trust them more. They’re likely behind the same security barrier as the rest of Google’s / Apple’s services. They’re probably getting attacked all day every day and holding up so I’d imagine they’re way more robust than most smaller companies.


It isn't about how easy/difficult it is to hack them. Any password manager I use needs to be un-hackable in any realistic sense. It's about trusting the company. And before I get flack about "nothing is un-hackable" blah blah, see "in any realistic sense".


But in the real world ease of use is _everything_ for the vast majority of people.


Exactly. When I worked at 1Password everyone in the company knew this, and were trying to vastly improve the user experience. I've been gone for about 18 months now and I don't see many changes, which is unfortunate, but I know it's something they are passionate about. I hope they can figure it out; I think UX and ease of use are difficult things to get right for password managers.


Both the Apple and Chrome password managers sync to the cloud so as long as they can sign in to their account on another computer or phone, they can still get access to the saved passwords.


But only when using an Apple product (for the iCloud solution) or Android device or Chrome browser (for Google's), right?

My parents use whatever browser their company has installed on their computers, which I think is Chrome for one person and Edge for the other. Their home laptop is a Surface Laptop device with Edge on it.

It'd work for their phones, and I honestly don't see them switching to Android anytime soon, but it's still not available all the time, and I haven't been able to get them to do anything but autofill of the passwords I created for them. Even as is, telling them to go to a dedicated app to copy a password to use on their laptops is a step too much. Adding more complexity isn't going to help.


With iCloud for Windows, keychain passwords are accessible in Chrome and Edge.


> what if they need to access their passwords on another machine

In the case of saving them to Google/Chrome, they can be accessed online here https://passwords.google.com/

I don't know if Firefox or Apple have a similar online tool to access them.


Apple/Chrome ones don’t help setting up 2-factor codes/etc. I.e., you don’t want the second factor to be SMS.

They’ve decided passkeys are the way to go so they don’t support TOTP or that stuff natively.

1Password handles TOTP quite well.


It's recent, but Safari does support TOTP now.

https://support.apple.com/guide/iphone/automatically-fill-in...


Show them. Since you’ve got them set up, if you are called on for tech support (especially around a password), remind them that you can’t help them if they don’t have the password in 1Password, because you can’t debug those things.

It took 4–5 years, but my wife is now a 1Password advocate and tells people that it’s the best way to protect themselves. Sort of like a feature of our banking apps‡, she has been convinced by the fact that the 1Password URL matching provides strong anti-phishing protection.

For the most part, my family has found it easier to remember that they only have to know one password than to put up with my complaining that they’re not using 1Password and I can’t help them because they’re not…

‡ The feature for the bank was the "spending notifications". Almost ten years ago I installed the "spending tracker" app from the bank, and about a month or two after, I got a notification of a 0.01 charge from a company we have no business with. After I tapped through, I noticed that it was on my wife’s credit card, so I notified her that her card had been skimmed and she needed to contact the company. We knew before the bank knew because of their feature. She installed the app the next day.


My mom cannot understand how to use auto fill etc, but what I did was to set up a KeePass database file for her on her Google Drive and just sync it up on every device. She refuses to use anything but an Android and she acquiesced to an iPad when I told her Android tablets are still catching up. So I just found the most common service - Google - and put everything on it. She now knows to open it and expose the password as well as create new entries. She still can’t copy paste or handle the generator.

My dad does not give a flying fuck however many times you tell him and just writes it down in a notebook. He just doesn’t care despite much of the family wealth residing mostly in his accounts.


I've never heard of mobile OS being THE barrier for using password managers. It's usually a ton of other things... after all, both of our favorite OSs use autofill from the keyboard bar, so it should be straightforward. But hey, I have a similar parent. I just installed it for him and told him this is the new way... "computer programmers made it this way now".


It’s not the mobile OS so much as the fact that I want something I can troubleshoot easily and isn’t hidden behind several layers of UX. KeePass satisfies that. I just shared my mom’s database file with me on Drive so I can also access it in case of issues. If not, I’d need a service that can support like family sharing and shit and they may ask for extra money. This is easier and more secure since my mom has no idea how to share things from Drive so she won’t even do it by mistake.

The auto fill part is relatively straightforward to us but it takes a while to get used to for the previous generation. In fact, despite showing her how to create new entries, she spent the last 2 years still writing it down in her Google Keep notes app. Had to spend a non trivial amount of time transferring them over this holiday.


I know a person who works in tech, is very smart, has plenty of gadgets -- he just can't take this seriously and uses a single txt file in Dropbox for all their passwords (that are all just human-generated, reused, MyRandomW0rd123-like passwords). Claims to be optimistic and thinks that they're not going to be that person who gets hacked.


And to be fair he's not that wrong

The real annoyance is that we need a "password manager" in the first place

You wouldn't need to worry (too much, as long as it's not a weak password) about password reuse if websites abided by security best practices and didn't leak lists of weakly hashed passwords. Salt + pepper + a good amount of rounds of a proper hashing function: good luck.

And to be fair the browser ones work great. Another one that works great is a paper notebook

And again, it all depends on your threat models. Using very complicated passwords and 2FAing your password manager will only ensure that you'll get locked out of your accounts sooner or later (unless you have a target painted on your back for some reason)
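The server-side practice the comment above argues for (salt, pepper, slow hash) next to the weak case it contrasts with, as an added example that is not from the thread. Site names, pepper values and the iteration counts are constructed for the demo; PBKDF2-HMAC-SHA256 stands in for whatever slow KDF a site actually picks.

```python
"""Salted + peppered password hashing versus an unsalted fast hash.
Added example; parameters and the two 'sites' are constructed."""
import hashlib
import hmac
import os
import secrets

# Assumed work factor for PBKDF2-HMAC-SHA256; tune to your hardware and
# store it in the record so it can be raised later without a reset.
ITERATIONS = 600_000


def weak_hash(password: str) -> str:
    """The 'weakly hashed' case: unsalted and fast.  Every site and every
    user with this password stores the same digest, so one leaked dump is
    directly attackable with precomputed tables and reused everywhere."""
    return hashlib.sha1(password.encode()).hexdigest()


def hash_password(password: str, pepper: bytes, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$digest.

    salt   : random per record, stored next to the digest.
    pepper : site-wide secret kept outside the database (KMS, env var,
             HSM), mixed in as an HMAC key before the slow KDF so that a
             database dump alone cannot be verified offline.
    """
    salt = os.urandom(16)
    prehashed = hmac.new(pepper, password.encode(), hashlib.sha256).digest()
    digest = hashlib.pbkdf2_hmac("sha256", prehashed, salt, iterations)
    return f"pbkdf2-sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str, pepper: bytes) -> bool:
    """Recompute with the stored salt/iterations and compare in constant time."""
    try:
        algo, iters, salt_hex, digest_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        iterations = int(iters)
    except ValueError:
        return False          # malformed record: never accept
    if algo != "pbkdf2-sha256":
        return False
    prehashed = hmac.new(pepper, password.encode(), hashlib.sha256).digest()
    digest = hashlib.pbkdf2_hmac("sha256", prehashed, salt, iterations)
    return hmac.compare_digest(digest, expected)


def demo(iterations: int = 50_000) -> dict:
    """One reused password stored at two constructed sites, each with its
    own pepper.  Low iteration count so the demo runs quickly."""
    password = "MyRandomW0rd123"              # the reused password from the thread
    pepper_a = secrets.token_bytes(32)        # constructed: site A's secret
    pepper_b = secrets.token_bytes(32)        # constructed: site B's secret
    rec_a = hash_password(password, pepper_a, iterations)
    rec_b = hash_password(password, pepper_b, iterations)
    return {
        # weak scheme: identical digest at both sites, so a dump from one
        # site hands the attacker a table entry valid at the other
        "weak_digest_identical_across_sites": weak_hash(password) == weak_hash(password),
        # strong scheme: records are unrelated even for the same password
        "strong_records_differ": rec_a != rec_b,
        "verify_ok": verify_password(password, rec_a, pepper_a),
        "verify_wrong_password": verify_password("MyRandomW0rd124", rec_a, pepper_a),
        # a dump without the pepper cannot even be checked offline
        "verify_without_pepper": verify_password(password, rec_a, b""),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```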


Strong disagree about password reuse, the average person has multiple dozens if not hundreds of accounts on various services. Even if none of them ever get hacked, you are still trusting thousands of engineers having access to production to not record the passwords that are sent to them with each login.

Just use a random password per service and keep it in a password manager.


Again, if companies didn't treat password data carelessly (or, even worse, like your example), it would have been a minor issue.

Yeah, I'm not advocating for password reuse, I'm saying that a good system would make it a non-issue


> Again, if companies didn't treat password data carelessly

This is not a real solution. The real world is full of unreliable actors and byzantine generals. Any solution that depends on a perfect environment isn’t one.


The problem is you don’t need to get one company to behave well. You need to get every company to behave well.

It’s almost like saying “we don’t need to spend money on a court system, if we just got everyone in the country to work out their disagreements amicably”. While… true, it doesn’t sound like a plausible solution to my ear.


True. Which also means the expected reliability of a 3rd party password manager also goes down

Maybe we can just ditch passwords for most services


I recently did a migration, and have > 1300 passwords.


Remember that when you create an account and log into a service, you don't know if they even hash your password. They could email all the login attempts with your password in plain text.

A good password manager and 2FA, properly set up, should not increase your risk of lockout. It should decrease it: one set of 2FA elements and one password to remember.


Hashing passwords reduces the threat from database dumps, but it doesn't help against an attacker uploading a compromised version of the app and siphoning off credentials as they're submitted.


FWIW... I set up 1Password as a business account for demo and eval.

I hated almost every part of it. If you are coming from Bitwarden, Dashlane, or LastPass, the UI makes little sense. All three of those used LastPass's initial UI. It's a better UX.

I couldn't get off of 1Password fast enough. Something about their desktop app seemed overly heavy/slow.


I think for the average person the built in password managers in Firefox/Chrome/Safari are probably the lowest barrier to entry.


I'll second this opinion. A lot of people will already have their passwords saved in their browser but not even realize that this is an example of what people mean when they hear "password manager". I'm not sure about iOS (as I haven't owned an iPhone before), but at least on Android, there's a setting to let the Chrome password manager auto-fill across the entire system rather than just in the browser. The path of least resistance for most people is probably just to turn settings like that on (and optionally, if their existing passwords are not secure e.g. due to reuse across sites, go through their list of saved passwords, log into each site, and change their password to one generated from the browser password manager).


The issue is with app autofill. Browsers don't do autofill on Android, at least AFAIK. Firefox does, but it's crap on Android anyway.


Chrome does do autofill on Android.


It doesn't on iOS. Safari does _sometimes_, when it feels like it… but even if it were consistent, who (even in the family) wants to use Safari on desktop? Back to square one


I don't use Chrome so I don't know. But Chromium and Brave don't show up in the autofill service settings page.


I don't know what primitives or parameters Apple's iCloud Keychain is using.

But I do know that it has gotten all of the non-techies in my family using a password manager. They just use the suggested password generated by Apple when signing up on random sites as well.

(But it only works on Apple's devices and browsers, obviously.)


No, it also works on Windows (it will install an extension for Chrome and Edge if asked). You just need to install their iCloud software for Windows: https://support.apple.com/guide/icloud-windows/set-up-icloud...

I am personally not using it, but it does exist and seems to work from the times I've tried it.


iCloud Keychain has done more to raise the tide for passwords than any other password manager in existence. I love that it “just works” for the vast amount of people who use iOS/Mac.


Does it allow export if a user ever decides to jump to some other OS platform or password manager? Or does it provide another vector of lock-in?


It allows export and there’s also a windows app.


This person has been recommending LastPass for years and now cares about the cryptographic specifics of far more trustworthy companies?


People are allowed to realize they've made mistakes and change their minds/priorities as a result.


Bitwarden has worked really well for me and my wife to share passwords to common services (daycare, shared email, etc.) and it has been well worth the money. I've used 1Password and LastPass in the past but Bitwarden has been the best experience I've had thus far.


Would you mind elaborating a little on what you liked about Bitwarden over 1Password?


Full disclosure I haven't used 1Password in a while and I have limited experience sharing vaults. That being said Bitwarden just worked™. It was easy to set up a shared space. The iOS app is good, the plugins are good, all around solid. The open source nature is nice, I can run my own vault if I wanted to. So the tldr is that it hit the right balance between portability, ease of use, and price to be the right choice.


I would settle for a password manager that can do basic password management.

Secure, UI that loads quickly without bugs, autofill that works.

Tried switching to 1Password and it duplicates every single password I imported from LastPass. Confirmed no duplicates exist in the CSV being imported.

Support is like talking to a chat bot. They don't seem to understand that the issue I am reporting is the duplication and keep proposing solutions to problems other than the one I have.


For 1Password, check if you have the same password registered under "Passwords" and under "Logins", as this would trigger this warning. I'm not sure how the import process works, but maybe those imported passwords/logins are added to both sections. If all your passwords are converted to logins, you can probably delete those password records, which should eliminate the warning.


> I would settle for a password manager that can do basic password management.

Just use Google's/Firefox's built-in options. Google's is more secure, but I understand a lot of people like Firefox for other reasons.


Login to non-websites is very useful on mobile. (And even desktop now with 1Password!) I think only "proper" password apps do that in a truly cross-platform way.


I use KeePassXC and KeePass2Android with Dropbox to sync passwords. Works very well for me: https://www.bbkane.com/blog/password-management/


> There is also a command-line interface, weighing 80MB, also in TypeScript, also in Electron. Amazing.

Can anyone verify the CLI depends on Electron? I took a quick look at the source and from what I can tell it does *not*, but I've never worked with Electron so I don't really know what to look for.


> Argon2id, but without specifying the parameters, nor why they chose this particular variant over another variant like Argon2d.

On this specific point: the use of Argon2id over Argon2d doesn’t need justification. Per https://www.rfc-editor.org/rfc/rfc9106.html#section-4, the first and second recommended options are Argon2id, and Argon2id is the recommended type basically unless you have a very good reason to choose a different type. (And as a fairly informed layman in cryptography, it’s very obvious to me that Argon2id is the correct choice for this sort of password safe.)


Is there guidance for the number of PBKDF rounds depending on the length of the password?

In particular, I'm curious to what degree the round count can be reduced if I use a long passphrase (say, 200+ characters long) instead of a password.


I'm happy with Enpass (https://www.enpass.io) from the usability standpoint. The OP didn't mention it as a candidate. Not able to judge the cryptographic effectiveness, but this is what their website says:

"encrypted with 256-bit AES with 100,000 rounds of PBKDF2-HMAC-SHA512 using the open-source encryption engine SQLCipher."

They don't supply cloud storage - you pick your own, e.g., iCloud, Dropbox, Google Drive, OneDrive, WebDAV. I use a local WebDAV server, myself.


I'm not sure that the crypto used is the weakest link, but even then, I would very much like to see a user-configurable memory-hard KDF, authenticated AES, and FIDO2 hmac-secret support. All of which should be relatively table stakes for a product like this.

The option of self-syncing or self-hosting seems important as well, so users can decide to trade off having a team of engineers keeping the server secure and up to date with being a less interesting target to compromise.

In terms of client-side compromise, I'm significantly more worried about OS/browser compromises, malicious app updates, or for those cases where there's no OS-mediated autofill API, clipboard sniffing.

In the end, I think password managers will always have issues and will have to settle for "good enough", or better than memorizing passwords. They're too big of a target for attacks and their surface area is too big, too. Password managers do more than storing login credentials, but for that key use case, adoption of passwordless WebAuthn can't come soon enough.


Am I using 1Password wrong? Any time I need a password I click on it in the toolbar on macOS, type in my master password, and then just search for the needed password. I'm sure there are other ways that are seamless, but I don't see the strife/friction that most people seem to have to get others to overcome when trying to get them to use a password manager.


That works. Additionally, if you list the domain name in the site field, it will auto-match and appear in the password field, provided you have the appropriate browser extension. If there is more than one entry for that site, it will list them all.

Site has to be listed in the entry though.


>Dash is the only one using Argon2d, the winner of the Password Hashing Competition held in 2015.

>Unfortunately, their choice of parameters is on the low side:

>We use Argon2d, by default, with the following parameters: iterations = 3, memory = 32Mo, parallelization = 2 We also support PBKDF2-SHA2 with 200,000 iterations. Then, the data is (en|de)crypted using AES CBC-HMAC mode.

>AES CBC-HMAC isn't a thing, what they're doing is AES-256-CBC then HMAC-SHA256 (and not CBC-MAC), which is perfectly acceptable, albeit using the same key for AES and HMAC feels shaky: an authenticated mode should be used like AES-GCM, or another key derivation to produce two subkeys, instead of using the same key for two different purposes.

>The intern who wrote their whitepaper had a confused understanding of how https works: OCSP doesn't replace trust stores, key exchanges are more complex than "the client encrypts a random number with the server’s public key and sends it to the server, the server decrypts this number, and both sides use this number to generate a symmetric key, used to encrypt and decrypt data.", …

>Worryingly, their "benchmark of attempts to decrypt AES files" is done on a "4 cores Xeon 1.87GHz", which doesn't make sense: cracking a password doesn't mean going through the whole keyspace of alphanumeric characters of a fixed length, and nobody uses CPU to crack passwords, let alone a 4 cores one. I would expect a firm in the business of protecting passwords to be up to date with the current state of the art of password cracking.

>They have a bug bounty with payouts up to USD 5,000 and no public reports. The gpg key that should be used to contact them is an RSA one of 1024 bits (worryingly small in 2023), and belongs to someone called "anish".

This is super concerning to me as a Dashlane consumer, so what are my options? It took me months to get my parents to figure out how to use it, and if I need to shift, it's gonna be even more difficult.


Hi, just seeing this now. I work at Dashlane.

What part is concerning for you? I have not double checked the claims on the marketing content, but on the technical ones:

- Re: Argon2 parameters, what they don't say is that even with those parameters, this is still way better than most of the competition which uses PBKDF2 (it's equal to 1M6 pbkdf2-sha2 rounds - see https://infosec.exchange/@sc00bz/109611328606658997).

- Re CBC vs GCM: We do encrypt-then-MAC as we should. Also we don't use the same key directly for AES and MAC: we stretch the key to have a longer key - or we even directly use a long 64-byte key in some cases - that we split for both purposes.

- You can get our GPG key here: https://www.dashlane.com/security/researchers. It's owned by security@dashlane.com and is using ED25519. I don't know which key they checked, but I don't think it's ours :)

I hope this helps!


Yeah, let's pretend that browsers' built-in password managers don't exist and can't be used because they are mere "side hustles" (and password management is a very serious business that requires dedicated companies and not at all something a team at Google or Microsoft can solve).


Don't you get it? You're supposed to trust a third party company that does this as their only job even though you're increasing the threat model by 50% with no guarantees whatsoever, duh


> To my disappointment (and mild horror), almost all password managers are using PBKDF2, which is known to be completely suboptimal to store passwords, and has been for the last 15 years, but it's apparently the only one without abysmal performance in Javascript.

Anyone have a better idea?


I'm the Soatok Dreamseeker the author cites.

I've previously disclosed cryptographic bugs to both LastPass and 1Password. I've written about my experiences: https://furry.engineer/@soatok/109560736140669727

The post I wrote about the intersection of Passwords and Cryptography was spun off as a prerequisite for a longer post I was writing about password management from the perspective of a cryptography engineer.

As part of that post, I planned to review Bitwarden (since it's open source and therefore I don't have to expend the additional mental cycles to reverse engineer it like I did LP/1P's offerings).

The challenge faced by browser extensions with other password KDFs is that, if you want performance, you don't want to write it in a scripting language. WebAssembly might work, but the ideal outcome is to be able to call `await crypto.subtle.Argon2id(/* args */)` and get your result.

The path forward, therefore, is to get Argon2id support into WebKit, Chrome, and Node.js.


So a project like this? https://github.com/antelle/argon2-browser

Per their README it seems it’s implemented into “KeeWeb”.

KeeWeb is a free cross-platform password manager compatible with KeePass.

https://keeweb.info https://github.com/keeweb/keeweb

Anyone checked out KeeWeb?


> So a project like this? https://github.com/antelle/argon2-browser

Notice how they don't provide any benchmarks that aren't Native or WASM?

https://soatok.blog/2022/12/29/what-we-do-in-the-etc-shadow-...

This doesn't help iOS users in Lockdown mode. It may also break for users who run their OS in FIPS mode.


Today, you would probably consider Argon2 since it specifically came out of a competition for password hashing functions.

Historically, scrypt, bcrypt and pbkdf2 have all three been widely used.


The author's need for compromised password monitoring and cloud-based operation (in a web browser) excludes the obvious choice: KeePassXC. It supports Argon2, Argon2id, as well as AES-KDF. This works with KeepassDX on Android, but has the expected effect of slowing down access to the DB, since the phone has less power than the laptop.


KeepassXC can check for compromised passwords using HIBP since v2.6.0. https://github.com/keepassxreboot/keepassxc/pull/4438


As someone who often implements their own authentication for backend services, I follow the advice to use scrypt or Argon2.

Argon2 is a bit of a PITA though because it needs to be re-hashed sometimes.


Spent years convincing my dad to switch over to LastPass family.

After the recent hack, I tried to get him to switch to KeePassXC but that is proving to be too steep a hill to climb.

What is the best alternative to LastPass Families? I don't mind paying for a subscription etc.


1Password has a family plan that works well.


Bitwarden


Can someone explain to me why the number of PBKDF rounds actually matters?

When they are saying 100,000 rounds, they mean 100,000 rounds WITH the key right?

If you wanted to brute force this password, and there are no vulnerabilities in the hashing algo, then you need to try aaaa with 100,000 runs, and aaab with another 100,000 runs right? So if you use a long random key, it wouldn't matter if it was 1 cycle or 1 billion effectively, right?

Or am I missing something? I'm assuming there is a hash table exploit for PBKDF2 and that the number of rounds really does matter?


I can barely read the article, text is light gray on white with Firefox on OpenBSD. Seems interesting but could not get through it using Firefox.

So off to lynx, there it rendered fine, so reading it now.


I've been using KeePassXC on desktop and KeePassDX on Android, synchronized via Syncthing, and it's good, but the thing that makes me squeamish about all password managers is that you're just one software update away from malicious code which uploads all your passwords next time you unlock.


The Hackaday community's Mooltipass kind of solves this: it puts passwords on an external device with a smartcard. The OS never accesses the whole breadth of it, just what's exposed by the hardware.

I think that's the right approach, but I'm not sure I like the hardware. Something I was thinking about was using a pi zero in a small box, that just does something like emulate a keyboard for password-pushing. Give it a small screen and small keyboard for UI.


I have also been using the KeePassXC/Syncthing combo and it works very well, except for iOS which does not have a decent Syncthing client.

This means I have to rely on SMB + VPN to get access to my up-to-date keepass database which is more trouble than I'd like.


I think this can be easily solved using process/app isolation, i.e. KeePassXC doesn't need network connectivity.


macOS/iOS (user): after completing the recent update cycle on all devices, "Passwords" now supports 2FA using Touch ID.

I've been using Bitwarden for years but integrated 2FA support from Apple has moved me over. I really despised having to switch between apps (I don't use sms 2fa when I can).


My boomer parents have been able to keep up with Bitwarden. We installed it on their Windows laptop and smartphones. I still have to get them on OTP, something like Authy, to get them off mobile 2FA when possible.


I'm seconding bitwarden. I got my tech-illiterate partner set up with it no problem. We have a shared vault for things like utility website logins / shared credit cards etc. etc.


FWIW, I've bumped the KDF iterations count to 600000 in Bitwarden and I haven't seen any noticeable difference logging in from my M1 Pro and my iPhone 13 pro.


BRB, increasing Bitwarden vault iterations.


If you have Dropbox, a password manager is part of the value. I migrated from Dashlane and it’s been fine.


TL;DR there isn't one. They're all built and designed by developers. From an 'average joe' perspective, not a single one of them is easy to use.


BitWarden was a breeze for my parents, there's no difference between the OS autofill and BW... on both iOS and Android, and Chrome for my dad. :shrug:


I have used Bitwarden and 1Password and 1Password is just about seamless while Bitwarden is a little clunky. 1Password is the one I would use for a "family". None of them are really "family ready" as there is always going to be a slight learning curve.


I think the tl;dr here is that there are actually a lot of excellent choices out there, but almost all of them leave something to be desired in underlying cryptographic strength.



