I am an information security professional, so I'll offer some advice and my opinion. Personally, I don't use any password manager that uses reversible encryption. That's not to say that reversible encryption itself isn't secure, but that many online password safes simply don't secure their systems enough to guarantee your password's safety. Keepass is a good offline password safe, but again, it uses reversible encryption and there are better ways to manage different passwords across multiple websites in my opinion.
I use cryptographic hashing encryption which is one-way encryption to manage my passwords. I only need to remember one master password for all my websites and a unique complex and long password can be generated from that one master password. The idea behind it is to take that one master password that you remember, hash it with a tag or domain name that you are going to use the password for, and then a unique complex password is generated for that website. You can now have an infinite number of unique passwords generated from one master password that can be used to register on all your websites. The unique passwords will always be the same as long as you always use the same master password and tag/domain name. What makes this secure is that the passwords that are generate are never stored anywhere. Even if the algorithm that is used to generate the password is stolen, your passwords are safe. You never have to worry about an encrypted password safe file getting lost or stolen. As long as you can remember that one master password and keep it safe (in your head), your passwords will always be 100% safe.
I created my own utility to generate these complex passwords, but there are also online versions that utilize this same concept. One example of this concept is here:
https://www.guerrillamail.com/tools
Just put in a domain name (for example, amazon.com), then enter your master password and it will then generate a complex password for you to use for your amazon.com account (as an example). The password it generates will always be the same as long as you always enter "amazon.com" and your master password for those fields. The password it generates is never stored anywhere since it is generated using one-way hashing on the fly.
My own utility works a little better for my needs than the guerillamail version (if anyone would like the python source, I can share it), but that guerrillamail.com tool is still a good option for managing your passwords in a really secure manner. As a bonus, the site can be accessed on your phone if you ever need it, so you don't have to worry about needing access to an offline password store.
I don't like the Guerilla Mail method. Like I.P. Daley suggested, the lack of a salted hash (or them using a static salt) makes them weak for the reasons he/she mentioned. Also, when the website you're using the password on gets compromised and you have to change your password, or if the site forces you to change your password every 90 days or whatever, you're stuck coming up with a way to make your own new password and are back to square one.
Problem One: How is this more secure than using plaintextpassword@amazon.com, plaintextpassword@ebay.com, plaintextpassword@mrmoneymustache.com for your passwords? Yes, the actual password might have been hashed into a non-dictionary word in this setup, but it's always the same hashed password. Having an exposed known username/password of lifeanon269@gmail.com for the username and !Ep8pui8Vw2@mrmoneymustache.com for the password means that anyone with more than two neurons to rub together is going to try using that email address with the first part of that password using the predictable second half of that password on other sites. Since you're using a single "master" password with this method, congratulations! You now need to change the password on EVERY SINGLE ONLINE ACCOUNT YOU HAVE because your "single" one-way "hashed" password has been compromised.
..snipped for the sake of brevity...
There's a reason why the greater public doesn't use the tripcode method to generate their passwords.I kid, I kid... but seriously, if this is your job? You have some room for improvement here, and a blindness to an ideological concept that impairs some rational thinking, just like everyone else. Know you're not alone in this weakness, but you did just apply that in a very public way on the subject of personal security and passwords. Use that as an opportunity to grow, mature and learn. Unfortunately, people should take this idea with a grain of salt... pun intended.Spoiler: show
Let me take a moment to further clarify. You're incorrect/mistaken about the security of it all and how it all works. Let me take a moment to explain a little bit further and in depth on the technical side.
Let me take a moment to further clarify. You're incorrect/mistaken about the security of it all and how it all works. Let me take a moment to explain a little bit further and in depth on the technical side.
No I am not. Both myself and GoingToMaine understand exactly what you're suggesting, the "tools" linked, and how it works. You are placing far too much weight in the security of hash algorithms without or with a known public salt. Even including the domain with the "password" to generate the hash, you're still using publicly known math. It may be "complex" math given the size of the numbers involved, but it's still basic math.
This isn't as good an idea as you think it is. If it was, given how "simple" and known a concept as it is (this ia a very old idea, by the way), why are you and other "anons" the only people recommending this idea? And nobody, like say, Bruce Schneier or the braintrusts at Google?
Don't call into question my knowledge on information security if you can't back up your critique with sufficient knowledge yourself.
Don't call into question my knowledge on information security if you can't back up your critique with sufficient knowledge yourself.
Listen, I don't want to fight with you. I do want to emphasize that I believe your method isn't as secure as you think it is. I'm old enough and wise enough to know never to use the word "impossible" when describing anything, especially when it comes to matters of encryption.
If your method helps you sleep at night, more power to you. If it inspires such youthful bravado that you make the claims you do, more power to you. I'm just going on the record as saying this method of password generation isn't as great an idea as it seems on first blush, for multiple reasons. I don't have the desire or inclination to prove my point to you as much as you want to try and prove your point to me, but I highly suspect that given what's on the line, you'll eventually find someone more than happy to take you up on this challenge.
Be well, good anon. May your method actually be as secure as you claim.
I wasn't looking for a fight either, but you called my professional work and expertise into question without even fully understanding the concept at hand. That's what bothered me most. Had you instead just openly discussed the topic as opposed to going all ad hominem while exposing your own knowledge gaps, I would've been much more receptive. The fact that you're continually using the term "salt" incorrectly further proves that you don't fully understand this topic at hand.
I do hope that through your own defense, however, that you may begin to understand why others might be concerned with the fundamental concept as applied in real-world use. The idea is basically just the old futaba tripcodes with extra, somewhat predictable steps/inputs for "randomization", which really isn't that random at all.
You're just using your own encrypted passphrase to generate a "random" password. This is what I used to call crackhead level security at its best. It might be secure enough to lock out a random thug off the street, but not good enough to protect against targeted attacks... but that's a fundamental weakness of all cryptography. All anyone can hope for is that their preferred tools don't eventually prove to have vulnerabilities or be overcome by raw computing power.
Unfortunately, all things made by man are imperfect and I've lost track of how many crypto hashes that claimed one-way brute-force security for "X number of lifetimes" have so ridiculously fallen apart within my own livable memory, either through weaknesses to the core algorithm or being wholly overtaken by technology advancements and cheats like rainbow tables to the point of uselessness.
Better to have a random password generated for each site than to have all passwords generated off of a "one way" crypto hashed phrase.
Best of luck to you in your career.
The technical info on here is impressive, but unless the person who asked is an IT Professional and understands cryptography then the answer to the question is:
Lastpass should do.
Also, I have taken up the $10K challenge that has been issued and hope to have an answer by tomorrow. I'll report my findings either way.
For what it's worth... everybody and their dog are Internet security professionals. I am... or was... before FIRE.
My other general recommendations are:
* use a different userid and email address for every single account you generate. Yes, this seems like a pain in the ass, but it's not so awful. If you have your own domain, it's simple. If not, there are multiple sites out there that will support this. I've used sneakemail.com for years and would recommend them. If one account gets compromised or spammed or sold, you just delete that email address forever. POOF... gone.
* when it comes to password reset questions: Lie. Lie big. When it asks for "mother's maiden name" answer "wart on a rhinoceros". ...and then put that data in your password manager as well. Don't use stuff that is readily available on facebook, ancestry.com, google, etc. Those things are awful for password resets.
Also, I have taken up the $10K challenge that has been issued and hope to have an answer by tomorrow. I'll report my findings either way.
Do post your method if you are successful in breaking sha256. That would be frontpage news worthy. Such a breakthrough would be absolutely critical to the security of every organization. It will certainly happen some day. If quantum computing ever comes along, all of our algorithms will need to be completely rewritten. However, that doesn't change the success rate of my wager one bit. It is like trying to solve the following equation for 'x':
y + 12 = x
The "+ 12" is the algorithm used in the equation, but knowing that doesn't help you solve for x when there are an infinite number of possibilities for 'y'. When my "master password" is y and has an infinite number of possibilies that would equate to a possible x value, then solving for 'x' or 'y' isn't possible without a whole lot of guesswork which in turn would require validation from me that you're right. ;)
Hopefully that math sums up some of the discussion above easier for everyone to understand.
For what it's worth... everybody and their dog are Internet security professionals. I am... or was... before FIRE.
I wish that were true. Otherwise we wouldn't be facing a shortfall of over 1 million qualified security professionals in the industry.
For what it's worth... everybody and their dog are Internet security professionals. I am... or was... before FIRE.
I wish that were true. Otherwise we wouldn't be facing a shortfall of over 1 million qualified security professionals in the industry.
That was tongue in cheek. Don't take me so literally.
I use Lastpass and it's saved me tons of time not being frustrated by trying to remember a password (or searching for that little scrap of paper where I listed it).
But I'm uneasy with the idea that my passwords are on their site, because who knows if it might get hacked.
http://keepass.info , NOT lastpass. Local storage only beats whatever remote solutions hands down in terms of security.
My own utility works a little better for my needs than the guerillamail version (if anyone would like the python source, I can share it), but that guerrillamail.com tool is still a good option for managing your passwords in a really secure manner. As a bonus, the site can be accessed on your phone if you ever need it, so you don't have to worry about needing access to an offline password store.
I hesitate to criticize your script because it seems like you are not fond of criticism. But I was looking at the code and... I can't in good conscience tell people this is a good idea. Caveat: I'm not a python programmer... I'm more of a perl guy.
You're very confident about everyone's inability to reverse engineer your passwords to your master password. I generally leave encryption math to the encryption specialists, so ... you may be correct. I'm skeptical, but you may be correct nonetheless. The problem though is that you're generating terribly non-random passwords. Sure, if you're the only one that knows you are using your tool, you are very probably safe. But if you share it and it catches on... that's a problem.
Your script seems to generate passwords to solve the rules of "must contain a special, a numeric, a letter, an upper"... but the real point of those rules is to make the password key space large. You effectively only have 22 characters in the passwords you generate. (Technically there are 24, but the '!' and the '@' are at fixed locations. If someone suspects your methodology, those might as well not exist.) Otherwise, you are only using 0123456789abcdefPQRST (weighted 2x more towards the numeric than the upper/lower). That's less than just "all lowercase".
I see other practical problems of the one-way hash in general that wouldn't work for me... but might still work for others.
edit to add: my scenario 2 is made a hell of a lot more plausible by the existence of this thread... pride cometh before the fall, lifeanon269.
That being said, in reality, length always beats complexity when it comes to password strength. A password of aaaaaaaaaaaaaaaaaaaa is actually a stronger password than !Aj3kl3@
<misc deleted>
Length > Complexity
I use Lastpass and it's saved me tons of time not being frustrated by trying to remember a password (or searching for that little scrap of paper where I listed it).
But I'm uneasy with the idea that my passwords are on their site, because who knows if it might get hacked.http://keepass.info , NOT lastpass. Local storage only beats whatever remote solutions hands down in terms of security.
LastPass does not store your passwords on their site. Your passwords are stored in an encrypted blob of data that is only ever decrypted locally on your computer when you type your master password. Yes, that encrypted blob is stored on LastPass's servers, but a hacker who gains access to LastPass's site/servers would not be able to decrypt your encrypted blob unless they can also guess your master password, which is why it's important to choose a strong master password.
That being said, in reality, length always beats complexity when it comes to password strength. A password of aaaaaaaaaaaaaaaaaaaa is actually a stronger password than !Aj3kl3@
<misc deleted>
Length > Complexity
That all depends on the cracking mechanism. If I know your password generation mechanism, the brute force mechanism would be tuned to it. If someone were to publish a hashed based algorithm with predictable outputs, the search would be quicker.
Either way, there are too many side practical aspects of this mechanism that: It's not for me.
What I mean is: more common passwords will be applied first. If a pattern/mechanism has been observed as common, they will be applied first. That's why (even long) dictionary words (even words with p3rmuTat10n5) crack more easily. And "p3rmuTat10n5" is likely to crack before "!Aj3kl3@"... because that is how the rules are written. Dictionary first, then brute force. It's not exactly as simple as "length beats complexity".
So yeah, "change them right this minute to something super awesome" is the most secure response, but it might be more practical for some folks, especially those who might not really know what a super awesome password really looks like, to document what they have first and let the tools assist with that process.
TLDR: Combined with the annoyance that expiration causes users, our evidence suggests it may be appropriate to do away with password expiration altogether, perhaps as a concession while requiring users to invest the effort to select a significantly stronger password than they would otherwise (e.g., a much longer passphrase).
I believe your original argument was against the case of using an algorithm that produces similar results across the passwords that it generated (which would be used across different sites). That was why I produced the math behind why that isn't as large of a risk as you posed it to be. This is because the attacker isn't going to know the pattern between passwords that get generated. Even if a given password were revealed to an attacker, they would have no idea of the algorithm used to generate it, as I showed above with two similar passwords using the same method, but using two different hashing methods. At any rate, there is still no argument against Length > Complexity that has been demonstrated as being convincing.
"The table below shows how much longer it may take a hacker to break a list of progressively more complex passwords by trying different combinations of the password one after another." Sample password Time to crack with an everyday computer Time to crack with a very fast computer bananas Less than 1 day Less than 1 day bananalemonade 2 days Less than 1 day BananaLemonade 3 months, 14 days Less than 1 day B4n4n4L3m0n4d3 3 centuries, 4 decades 1 month, 26 days We Have No Bananas 19151466 centuries 3990 centuries W3 H4v3 N0 B4n4n45 20210213722742 centuries 4210461192 centuries |
What do you folks think of the idea of storing cryptic notes to accounts and passwords in a draft, within an email account from which messages are never received or sent? And is not associated with a real name?
I use Lastpass and it's saved me tons of time not being frustrated by trying to remember a password (or searching for that little scrap of paper where I listed it).
But I'm uneasy with the idea that my passwords are on their site, because who knows if it might get hacked.http://keepass.info , NOT lastpass. Local storage only beats whatever remote solutions hands down in terms of security.
LastPass does not store your passwords on their site. Your passwords are stored in an encrypted blob of data that is only ever decrypted locally on your computer when you type your master password. Yes, that encrypted blob is stored on LastPass's servers, but a hacker who gains access to LastPass's site/servers would not be able to decrypt your encrypted blob unless they can also guess your master password, which is why it's important to choose a strong master password.
http://www.zdnet.com/article/lastpass-hit-by-password-stealing-and-code-execution-vulnerabilities/
https://www.grepular.com/LastPass_Vulnerability_Exposes_Account_Details
http://www.pcworld.com/article/3185731/security/lastpass-is-scrambling-to-fix-another-serious-vulnerability.html
etcetera
The bar is higher for web/browser based applications, and LastPass doesn't pass it. The most important LastPass attack vector just doesn't apply to Keepass at all.
What do you folks think of the idea of storing cryptic notes to accounts and passwords in a draft, within an email account from which messages are never received or sent? And is not associated with a real name?I personally think that sounds like a lot of work for minimal security gain over using a tool that's designed to store passwords for you, so I wouldn't do it myself. But if it works for you, it is a safe way to do things so go for it.
I agree with GoingToMaine... It's no different than having a folder full of notes and having one boring one entitled "2013 Summit on Managerial Effectiveness" that contains userids/passwords. Unless you are extremely clever, it's going to look like userids and passwords. And if a BadPerson™ knows enough about you to have a little bit of an idea what to look for... using an exhaustive search on the local hard drive for some key strings isn't that hard, regardless of where it might be hidden.
I'm not worried about some "BadPerson™ who knows enough about me" finding my passwords and stealing my money. I'm not worried about anyone who knows me that well, and I don't know why anyone else would target me enough to spend that kind of effort on me. If I were famous or rich or a corporation or government, this is the threat I'd be worried about it. But as a NormalPerson™", it's pretty much the last threat I'm worried about.
Criminal hackers gangs™ have and will continue to attack password managers. It's guaranteed. Whether they'll succeed or not, I don't know, but they will try. What I can completely and totally guarantee, is they'll never look through my stuff for a piece of paper that has 20 passwords written down. That piece of paper is obscure enough that if some random person found it, they woulldn't know what it was or how to use it. And it's physical enough that no hacker will ever get it.
I've really appreciated the entire discussion here, and the comic helped me SO MUCH, as did the little chart.
It's all convinced me to finally make a move to a manager, and that will be a project for this weekend.
It sounds like Keepass or Lastpass are what most people are satisfied with, and in that order, yes?
Keepass has had no security breaches, but Lastpass is synced across all devices. The latter sounds like a great boon to me personally (i.e., what will encourage me to use a manager, which increases my security overall).
Questions:
1. With keepass not synced across devices, how does a person manage this on multiple devices?
2. Given the breaches that have occured with Lastpass and similar programs, do most security folks here scream "NOT LASTPASS"? Or do you shrug off the security breaches, feeling satisfied with how those played out?
3. When I swap out computers (loaners from my school and kid's school), does one or the other (keepass/lastpass) have an advantage, in terms of preventing conniptions in me?(I'm thinking lastpass again/)
KeePass hasn't had a large scale "breach" per se, but it has had vulnerabilities found just like the others. The difference is that it's usually run locally on a machine rather than in a centralized hosted model.
Regarding your other questions, and as a security person with 15+ years in the business:
1. There are methods to use DropBox or similar to sync your KeePass database to multiple devices. I've tried it and it works fine, but it does require more work than something built to sync natively like LastPass.
2. LastPass and Dashlane have both patched their vulnerabilities in a timely manner, as has KeePass for that matter, so I wouldn't run screaming from any of them. Just manage your risk. If they notify you of a breach and say you should change your master password, do it.
3. LastPass will be easier simply because there are fewer moving parts.
OP here--wow, never a dull moment on the MMM boards!
Thanks for the product recommendations, tech discussion and general security tips. So far, of the commercial products, Lastpass has received the most votes, followed by KeePass. Anyone else want to chime in?
Also, I would like to complain that Merrill Lynch, for the account I had through an employer, required a six-character password with JUST letters and numbers, no special characters. See confirmation here. (http://www.kahunaburger.com/2009/05/23/whats-with-the-strange-password-requirements/) What the heck. I hope this has been changed since the time I left that employer and closed that account.
Also, I would like to complain that Merrill Lynch, for the account I had through an employer, required a six-character password with JUST letters and numbers, no special characters. See confirmation here. (http://www.kahunaburger.com/2009/05/23/whats-with-the-strange-password-requirements/) What the heck. I hope this has been changed since the time I left that employer and closed that account.
I briefly had an online account with them a little over a year ago -- though directly with ML, not through an employer. No special characters were allowed, but they allowed up to 20 characters.
I've been amazed how many folks have silly/differing requirements.... differing ideas of what a "special" is... none allowed at all, etc.
Enter and confirm your new Password. It must be 6 to 12 characters, using letters and numbers and no special characters (e.g. ?, *). Your Password should be unique to you and difficult for others to guess.
Finally, I can set reminders for me to change the passwords on specific sites every week/month/six months/etc.
I have a question about the security of the fingerprint detector on the Iphone. Assuming it's not stolen by someone who has recreated my fingerprint, is there a program that can use that to unlock a list of passwords stored on the phone for you to type into a computer or elsewhere?