Ask HN: Why should I trust password managers?

Spread the love

  

Something I’ve not seen come up yet: a password manager that’s integrated with your browser is a good defense against phishing.Because it’ll only offer passwords for sites that match the entry, defaulting (most often) to being the same domain, if you come across a phish then it won’t offer the site at all. This is fairly similar to the “trust on first use” that SSH gives you, which some folk was wishing might have existed for SSL certificates the other day.

Unfortunately, some sites require you to “log in with your … credentials” rather than doing SSO. But you TOFU those, too, once you’ve verified they’re legit.

Happy Bitwarden user here: the software is all Free, but I trust the company to run their servers securely more than I trust myself to, so I pay them to do so. Extra benefit: if I lose all my infrastructure, I haven’t lost my passwords.

 > Extra benefit: if I lose all my infrastructure, I haven’t lost my passwords. I just dump the SQL database of Vaultwarden and have that as a backup (it’s encrypted). I’ve verified that a new Vaultwarden instance can be spun up on any Docker-capable machine quickly, the SQL file just needs to be mounted in and named properly. So it’s a very local-host-friendly backup with no ‘infrastructure’ requirements. It can be up in minutes.

 I agree with everything you’ve written here, but while all good points, they’re more about convenience — not trust._Why_ do you trust Bitwarden?

I also use BW btw, but I don’t have a good reason as to why they’re trustworthy, and will probably run my server someday.

 If I’m accessing my passwords via the clients that BitWarden the company distributes, then I’m still putting my trust in the company. Where the encrypted data is stored is in many ways less important. And the irony is that the one website I can’t trust my password manager to protect me from phishing attacks on is the password manager’s web interface. So I always want to log in with one of the non-web clients, and only trust the web vault if I reached it via a known-good link (like the one in the settings panel of the browser addon and mobile apps).

 Because it’s a crime for them to make use of the passwords, I’d be able to claim back any financial loss. I picked Bitwarden because it’s widely trusted, it’s trusted because it’s open-source and widely assumed to be casually audited by many _other_ people. There’s a weak point here in how many of us are relying on others to do the audit, in a bystander effect sense. I don’t think either of these is BW specific, which just shows there’s a large family of wise options.

 I trust it (in my case 1Password) because it’s a company that happily makes money from that trust, and if we’re to be insecure or the trust wantonly breached, they would cease to exist. Their motivations align with what I want them to be.

because it’s a company that happily makes money from that trustYou could also say this about Microsoft, except they’ve been breaking such trust for a long time.

 That’s a pretty bad take. You’re comparing a company whose single product is about keeping one kind of thing secure, and another company that makes dozens of products, most of which don’t explicitly have to do with security.

I would argue it is trust. I trust my password manager to validate the website I am entering my password into more than I trust my eyes. I know that I can’t be perfectly vigilant every single time I enter my password. The risk of the password manager betraying me is roughly an order of magnitude below the risk of my falling for a phishing attack. Plus I use the password manager baked into my browser, so I’m trusting it anyways.

 Because it’ll only offer passwords for sites that match the entry, defaulting (most often) to being the same domain, if you come across a phish then it won’t offer the site at all. The Bitwarden browser extension does this. When you add a login, it also adds the URI of the website, so the login info and auto-fill will only show up when you’re on the same domain. Of course, you can edit and add or remove your URIs for logins. You can also change the URI matching behavior.

  Because it’ll only offer passwords for sites that match the entry, defaulting (most often) to being the same domain, if you come across a phish then it won’t offer the site at all.1Password does this.

 It also warns if you try to fill on a site that isn’t linked (says something like “1Password can’t verify that reaibank.com should use your realbank.com login”

 I don’t trust or use SAAS password managers. They are massive honeypots just waiting to be pwned and everyones’ passwords to all their websites stolen. They have above-average security, but unlike a typical website they can’t just store a one-way hash of passwords that remains secure even when stolen, they have to store the actual password. I imagine nation-state-supported malicious hackers are targeting them. Everything else is getting breached and leaked these days, there’s a non-trivial possibility these will too.

I just use KeePassXC instead, and periodically ‘sync’ the database across my workstations and laptop. And by ‘sync’, I mean manually export the database and sync it around to my workstations and laptop and re-import it on each. But given how infrequently I create new web accounts, this isn’t a major hassle. It works fine, I don’t need some centralized service for this.

 

 

> they can’t just store a one-way hash of passwords that remains secure even when stolen, they have to store the actual password maybe I’m missing something but sure they can’t store its hash but they can and do store the password strongly encrypted. Presumably without the master password, at least, it should be close to impossible to retrieve the passwords. Or is that assumption wrong?

 

 

 

That is correct and they have the audits to prove it. That said, it’s not bulletproof. The chink in the armor is the browser extensions they all use. All it would take is somebody to slip some trojan code into one of the browser extensions and all of a sudden you have a few hundred million decrypted password databases that could trivially be uploaded to wherever.

 

 

Could you not argue the same thing for almost any code used by almost any piece of software closer to the metal? e.g. someone manages to slip malicious code into Chrome/Chromium which eventually makes its way out to every Electron app/most browsers, or something gets injected into Windows/macOS/Linux, etc.

 

 

>Could you not argue the same thing for almost any code used by almost any piece of software closer to the metal? You could. But if you haven’t trusted all/most of your passwords to any single app, you won’t have a problem with them being exposed when that particular piece of software is compromised.

Even if someone compromises your OS itself, you’ll only lose the passwords you typed in while you were using it compromised. And that’s if it does capture those, and if it sends them to some remote endpoint, and if it’s not caught soon, and so on.

With a password manager compromised, on the other hand, you could lose anything you’ve put it in, all at once.

 

 

On one hand, yes software supply chain vulns are getting difficult to maintain conceptually total coverage of while also maintaining a pleasant environment for developers to be productive in. On the other hand, yes there eventually is a trust point somewhere. A spiral of upstream what-ifs isn’t productive IMO, I agree.

 

 

 

I suspect that’s not nearly enough, given that their breached database would probably sell for multiple orders of magnitude more on the darknet. Should probably be $1M at least.

 

1Password vaults are encrypted end-to-end, their database would not be worth nearly that much. It’s a bunch of worthless data. A successful hack of 1Password would probably require pushing bad client updates. Besides which bug bounties are not intended to disincentivize people from committing crimes, they’re intended to incentivize researchers to report findings and reward them for their efforts.

 Parent comment is right about the value of a successful vault exploit. Given the number of people and companies using 1Password now, $100k would likely pale in comparison to an exploit’s value on the black market.

 That’s a bad analogy, although you point out a possibly good thing for L2/crypto – the bug bounties are massive because the projects have a silly amount of funds. Password managers don’t operate with those economic models though.

 

 

 

Depends on the cost/benefit. 3x security engineers to detect/respond vulns and attacks is less expensive but gets similar coverage plus a lot of other work capacities, for instance.

 

 

For that reason, I trust 1Password in the non-SAAS version. The password vault is stored locally and then synchronized between devices via iCloud. So there is no single point. First, there needs to be an exploit for iCloud and second to the 1Password vault. The benefit of this is, the vault is a simple website by itself that can be loaded into any web browser without the app.

 

> They have above average security, but unlike a typical website they can’t just store a one-way hash of passwords that remains secure even when stolen, they have to store the actual password, they don’t store directly the actual password, they store it encrypted by an encryption key derived from your master password. A leak of the database won’t reveal any password, as long as your master password stays secure (aka is not “hunter3”)

 

 

 

> as long as your master password stays secure (aka is not “hunter3”) do You mean, the master password that many people reuse across sites and has been leaked into the darknet by breaches of other sites? Or if not leaked directly, at least some entropy about it probably has been.

I know these services don’t store the password in plain text, but it’s still stored in a reversible format. That’s a juicy target.

 

 

Do you understand the concept of a password manager? You only have to remember one password, and for that reason, people can choose a longer and more complex one.

Then your passwords are encrypted using that master password.

So people cannot “reverse” your password if you pick a reasonably long master password.

For reference, my master password is a 27 character sentence that would take somewhere between a millennium and the heat death of the universe to crack. It encrypts around 500 passwords, each in itself 25-35 character long passphrases I do not know.

 

 I store the printed credentials to my password manager and my e-mail account in a safe deposit box (without mentioning on that paper what the codes are for). Then I store a YubiKey which is a second factor to these accounts in another safe deposit box in another location.

So should I forget my master password: drive to box 1.

Should my house with all my computers burn down: drive to boxes 1 and 2, find a pc or phone somewhere, and I have access to all my accounts.

Should my password manager go bankrupt overnight and take my vault with them: drive to boxes 1 and 2, then click “forgot my password” on all services and use my e-mail to recover access.

Should my password manager go bankrupt overnight and take my vault with them, my e-mail provider go bankrupt overnight and take my mailbox with them: at least I have my e-mail domain, so I can set up a new mailbox elsewhere

Should my password manager go bankrupt overnight and take my vault with them, my e-mail provider goes bankrupt overnight and take my mailbox with them, and my domain registrar goes bankrupt overnight and take my domain with them: yeah…then I’m screwed. I’ll migrate to a wooded country and become a hermit.

you don’t need a ‘source’ for that, do you? – it’s common knowledge that people reuse passwords across sites. It’s not best practice for sure, but plenty of people do it. If some low-quality site leaks your email and password and if you were dumb enough to use that as your master password for your password manager, you are at more risk than if the bad actor didn’t have that information.

 Not sure if this helps or hurts, but the places they’re most likely to see a problem area in the clients and automatic browser plugin updates. An attacker doesn’t even need to target a password manager directly; they can collect passwords pretty well with any compromised plugin, just not all of the passwords at once.

 for the N number of websites that force me to create accounts, I use an auto-generated password from the password manager and save it to the same SaaS password manager. These are for websites I don’t care if the passwords get leaked, I can live with the damage. Some have access to credit cards, but meh. For the old-school (am I young?) websites like mail, Fb, bank accounts, etc I remember the passwords.

Seems like a workable compromise for now. Tho I am scared I will start getting lazy and start storing sensitive websites in pwd managers.

 I do the same thing but worry about a nation-state or rich enough hackers to just take over the project and add nefarious code. I’ll never audit the code and make sure it produces the binary I get from the Apple store. So I’ve started adding my own “salt” – I type an extra character or two (same for all passwords) to the end of every password I enter. It’s the easiest way to protect against not being able to trust my local password app that I can think of.

 I do the same, with Nextcloud though, but I doubt SkyMarshal would consider that as an enhancement. He, and others, sync it manually and “offline” for security reasons.

 You can use any kind of sync software you prefer, be it cloud-based or local LAN-only. At least with cloud-based, it’s not a glaringly visible honeypot with a huge target painted on it. Setting up local automated sync is on my to-do list, it’s just a lower priority than too many other things. As I mentioned, I don’t create new accounts so often that I need automated sync.

 I’m surprised by so many of the comments here out-of-hand dismissing or denigrating any password manager that stores data in the cloud. There are ways to store data securely, one of the simplest methods is to do zero-knowledge encryption of that data by way of key-generation from a password only the user knows at the time of decryption. This is essentially how the vault functionality of most password managers works, whether that vault is stored locally or not. They used something like PBKDF2 to generate the key used for encryption from your password. There’s no such thing as perfect security, but as a security-minded person, I see nothing there to concern me simply because the data is stored in a company’s S3 environment vs on Dropbox vs on my local disk. Presuming that the software itself has not been maliciously modified to leak the key, then regardless of where the data is stored it either requires breaking the encryption or finding the password that generated the key to access the data. My local disk is no more secure in that aspect, except that I may have the illusion of control. Availability is also an aspect of data security (in the CIA triangle) and a cloud provider that properly replicates and manages backups of data is more reliable than my local disk in this aspect and a fair trade-off for data I likely want to synchronize across systems and devices (phone and laptop, at minimum).

Why should you trust a password manager?

For me, it’s pretty simple. I don’t use social login, and I use unique usernames (most of the time) and passwords (every time) for hundreds of sites I’ve created accounts on over the years. This is because breaches /will/ happen, and password re-use is probably the single largest issue for user security, including for “power users” like myself. A password manager of /some kind/ is required to have unique passwords across hundreds to thousands of sites. Certainly, there’s more to it, and you need to figure out your threat model and trust constraints, and I can’t solve that for you. But as far as I am concerned, if I have a reasonable assurance that the right algorithms are used and those algorithms are correctly implemented by the password manager software, I see no reason to distrust it.

 The safety of ciphertext stored in the cloud is entirely dependent on the lack of state-level actors interfering in encryption research, cipher engine design, chip manufacture, operation of cloud hardware, and day-to-day safety of cloud operator employees. The USA is quite willing to violate all those conditions: NSA directly influencing cipher design, interfering with chip manufacture, seizing hardware wholesale, and engaging in “enhanced interrogations” in attempts to extract information.

The threat level of this state action is 100% because they aren’t going o spend all that time and money on these tools and not use them. They aren’t focused on cracking your password, they just crack everyone’s because that is easier to automate (see prior discussion regarding weakening encryption to suit the tools the TLAs already have access to).

At least with my secrets stored on my hardware I have the assurance that the TLAs will need to be targeting me directly to obtain my secrets (much less likely than getting caught up in a dragnet).

  There are ways to store data securely, one of the simplest methods is to do zero-knowledge encryption of that data by way of key-generation from a password only the user knows at the time of decryption. This keeps your passwords safe until you enter your master password. At that point, you have to trust the software that was downloaded a few days ago from an AppStore or a few seconds ago from the company web server. It might have been backdoored and happily phone home your master password.

Your downloaded password manager might be a few years old and YOU decide when to upgrade. Your argument has nothing to do with cloud storage or password managers generally and seems to be an argument against automatic updates. So, fine, disable automatic updates (although I’d argue you’re safer with them). I also baked in the presumption that the software isn’t malicious in my comment and called it out. So, sure, yes malware that leaks your password can exist. That doesn’t have any effect on whether password managers are a good thing or trustworthy. I use 1password7 in a mode where I have to manually sync my vault. I’ve used other tools to prevent 1password from initiating any network connectivity at all.

 

If the client for a cloud password manager is open-source, I’m inclined to trust it about as much as I would a non-cloud open-source password manager.

 Ultimately I just wouldn’t use a password manager if it wasn’t synced with the cloud and didn’t offer simple browser integration. Sure, that increases the attack surface. But the alternative is not that I put loads more effort into faffy open-source workflows, it’s that I go back to using crap passwords.

 He’s a great security expert. nit – I wouldn’t claim that someone who _has_ written security (password, or cryptography)-related software, is necessarily _qualified_ to, or a trustworthy _expert_ in the field. Insecurity especially, self-proclaimed expertise (as the strongest sales pitch) does not distinguish between respected experts and snake oil salesman.

I would say that he’s written several widely read and respected cryptography books, designed widely used algorithms (standards & well-tested candidates), and written about social & technical factors that surround & affect security.

Good links! Thank you!

 

 

https://www.passwordstore.org/gpg “make-key”

mkdir -p ~/.passwordstore/foo/bar

echo “hunter2nusername: hunter@hunter.comn”

| gpg “sign” > ~/.passwordstore/foo/bar/entry.gpg

gpg “decrypt” ~/.passwordstore/foo/bar/entry.gpg

tree ~/.passwordstore/

Basically, “passwordstore” is pretty trustworthy, open-source, reasonably inspectable, and kind of automates the above steps in a decent CLI (and has a nice git integration for syncing).

There’s another plugin: “password-tomb” which adds in a “zip -r tomb.zip ~/.passwordstore && unzip tomb.zip” with some extra encryption blobbing around things.

I’m nudging towards wanting all that “junk” stored on a mostly-offline (or read-only USB, or doing something with fetching encrypted secrets over the network), and trying to figure out in a temporary ram-disk to try and reduce exposure time.

The reason it feels pretty good for me is that it degrades gracefully and can be used with standard tooling. It’s totally possible to have a script which does: “for each password => unlock && dump && append-to-pdf && QR-code => print.pdf” and print that out at intervals, so it’s got great survivability characteristics. It allows me to self-host even completely offline using git. If I have the GPG key, I can recover the passwords w/o any tooling. It’s kind of my ideal situation for trustworthiness.

 Doesn’t that ‘echo’ command go straight to the command history? It would reside in ~/.bash_history unencrypted until I type 2000 other commands.

 I think it’s just an example to give you a conceptual idea of what ‘pass’ is doing under the covers. Of course, using ‘pass’ does not require ‘echoing your password anywhere. Tangentially, if you precede a command with a space, then it won’t show up in your shell history. (Double-check to be sure, as this is likely a configurable option of your shell. e.g., ‘histignorespace’ in zsh.)

 I agree with your points, but why showcase a super-secure system with a flawed example? Also, so many things can go wrong with this setup, I’m inclined to think that this is one of the upsides of a password manager like KeePass.

 

I think you may have focused in on the tangential sentence rather than the point about it being a conceptual overview with Unix commands being used as a metaphor, i.e., not a literal example.E.g., they’re not typing `echo` commands in the same way that they’re not typing `gpg “make-key”` (which is not a real command).

 I’ve been using `pass` for years. Yes, it’s more manual but I’m in full control of the password management. There’s also a mobile app for ios and iPad that work just fine, including storing OTP.

 At the bare minimum, you should trust the password manager that comes with your web browser. After all, you trust your browser enough to type your passwords into it.I personally just use the Safari browser together with Apple’s Keychain.

 You shouldn’t [trust SaaS password managers]. Trust local password managers working on local files that are synced via Google Drive/Dropbox.

 I will tell you a good reason to trust password managers. I know a lawyer who does estate planning. When you start talking about “what happens when I die”, passwords are a class of problem that has only gotten worse in the last 2 decades. There are legal ways for estate executors to request passwords, but it is a pain and can be time-consuming. She tends to recommend password managers because they tend to be more consistent than written down passwords in a safe. Further, having a password manager, where someone can be designated as a trustee makes executing a will considerably easier. Now, none of the above necessarily makes password managers safe. The increasing legal scrutiny that password manager providers face, means that they will tend to be relatively safe, but they’re still a single point of failure. At some point, you need to decide what trust level you want though, security is a lot about tradeoffs, and ease of access is always at odds with keeping things safe.

 I’m pretty sure even after death, it’s still technically breaking the law to use someone else’s password. So I’m surpised a lawyer would be so open about it, though I agree it makes life 90% easier when it comes up 🙂

 I use a password manager for the hundreds of accounts I have where security is not super important. Mostly as a way to not have to reuse passwords (credential stuffing now makes up a significant amount of attack traffic), nor fight the varying password requirements (“shoot, did this website require a special character?”). Tbh, it’s nice to have one less thing to worry about. For the increasing number of sites which require 2fa, it also let’s me keep a totp token accessible from all my devices.My most secure accounts use their own individual, memorable, secure password.

I do fear that even if my self-hosted password manager is secure today, there’s nothing stopping a malicious update to that software which could exfiltrate all of my passwords.

 This is my approach as well. I see passwords as being in tiers:- Level 0: the serious stuff that would absolutely suck if it got compromised. Namely Google. Banks.

– Level 1: things that would be an inconvenience if they were compromised. Okay it’s annoying that someone got into my Amazon account or something, but this can be dealt with.

– Level 2: passwords my in-laws are going to use to watch Netflix or the like. If this gets compromised… ok, that’s a pain for Netflix but this is essentially a victimless situation.

Password managers are really good for the Level 2 stuff. Really, there are too many passwords we need to know. They are okay for the Level 1 stuff, just have an idea who you’re going to call. I wouldn’t use them for the Level 0 stuff.

Like anything else, you balance your risk against convenience. Approached this way, even if the password manager gets hacked, you’re only minorly inconvenienced. Always have 2FA on where allowed and what’s the worst that will happen?

 I leave the really unimportant crap in the Firefox “generate and remember this login”, the regular passwords in Bitwarden, and financial passwords in my head.Answering the original question: I trust that Bitwarden’s Github source is what drives their service and that their popularity ensures the source is audited on a regular basis by reasonably skilled software folks. It’s the same degree of trust I give to the people that build every reasonably vulnerable product I use: elevators, phones, cars, door/window locks, etc.

—–

For me (and perhaps only me) a more pressing concern is that fingerprint scanning is common in apps that are meant to protect data: banking apps, stock market apps, Bitwarden.

NOBODY makes a significant effort to hide fingertips. Cameras are cheaper, more accurate, and more numerous than ever. People don’t clean every surface they touch. It can’t be so difficult to 3d print a mold and find the right material to make a false finger.

Android’s security model has a nice built-in feature: If you have someone’s phone for a few seconds and know their unlock code (not too tough to espy… right, Ye?) you can keep retrying the false finger for that person until it works. Only then do you switch to the important app.

Oh, and… Fingerprints, unlike master passwords, are nearly impossible to change.

 Came here to say this. When you’re on the job hunt, there are a thousand different MyWorkDays you’ll need to sign into and what an incredible pain it is to keep track of those manually. Just don’t forget to delete all those accounts when you’re done hunting.

 

It sounds like to me that there are three types of people:* Layman who reuses passwords unless a techie friend convinces them to use a PW manager.

* HN user who either uses a SAAS password manager or sets up their own system to solve the issue of syncing a password store across devices.

* Those who actually have state level secrets or living under an oppressive regime and thereby don’t trust even the networks they connect to.

Just an observation; not making any statements. But if I were to make one, it’s to know your own threat level and find the security vs convenience compromise that works for you, and educate your friends & family.

 How does this work with sites that have absurdly strict password requirements? i.e. 8-16 characters, 3+ letters (1+ of which is upper case), 2+ numbers, 1+ special characters (from their curated list only!) I’ve seen a few financial related sites have requirements like these, and with a typical password generator I can just click ‘generate’ until one pops out that meets the reqs, and save it.

 

Having an algorithm (especially one that is publicly available) to generate passwords is not as secure as unique passwords for each service. For example, we now know that you 1) use this extension, and 2) have a HN account. We can now start brute-forcing your password for HN.

 It uses a master password to generate these passwords, so I actually think you wouldn’t be brute-forcing their HN password that way but the master password itself. If you crack one entry, that means you’ve found the password they’re using to generate all of the others.Note that regular password managers also have a master password people can try to brute force, so I actually think this algorithmic method is technically more secure since there’s no need to trust a third party to manage the password store, while still having the other flaws that traditional PW managers have.

  HN user who doesn’t use a password manager and doesn’t sync passwords across devices and doesn’t reuse passwords (except on throwaway accounts)

 I would argue that’s still setting up your own system to solve the issue of syncing passwords. Whether that be creating your own algorithm to “generate” passwords you can remember or reproduce, keeping them in a notebook, etc.

 The question also applies to other software.Do you trust your backup software placing your encrypted data at the feet of NSA (cloud storage)?

 The reason password managers help your opsec is not because they can store passwords..but because they can randomize passwords, too, and per website.If one of those web services is compromised, the other accounts and credentials stay unaffected.

And humans on the other hand have maybe 2 or 3 passwords based on some imaginitive sense of “how secure and trustworthy” the website is…only to realize later that their paypal password ain’t that secure, and that now all other “secured” accounts are compromised, too.

I mean, BreachCompilation and Collection No1-6 have shown us not only the passwords to accounts, but the patterns specific people use once their passwords have been compromised and what they add to their patterns when they are forced to change their passwords after a breach.

And let’s just leave it with humans are not good at remembering special characters, and they do like counting a lot.

 I trust password managers more than I trust my ability to write down every password I might need again, and somehow not lose that notebook or leave it somewhere for someone to read it.

 

I’m very low tech : I use a small paper notebook (see link below, I don’t know the proper term in English). It’s absolutely unhackable unless someone breaks in my house which I’m not too much concerned for (my security profile is “random Joe”).I would not trust something in the cloud.

But at one point you have to trust something, learn to let go or do without.

I’m too lazy to work on the “memory palace” thing, but it might be the best solution: portable, secure, free.

https://media.cultura.com/media/catalog/product/cache/1/imag…

 

 

I use pass[1], which is a command line tool to store gpg encrypted passwords in a local git repo.I share the git repos between different machines using my own servers. All remote mirrors are synced over SSH using git-remote-crypt[2], which additionally encrypts all remotely stored files – including the metadata (e.g. paths and file names of the files) of the remote git repo itself.

On mobile I like to torture myself and enter the passwords manually.

I definitely wouldn’t trust any SaaS password manager.

[1] https://www.passwordstore.org/

[2] https://spwhitton.name/tech/code/git-remote-gcrypt/

 

 Pass will generate QR codes for you, which is much easier than typing the passwords manually. But you have the trust the QR code software and the system clipboard, which is up to you to decide.I really like pass because the source code is short enough, and simple enough, to verify its security to one’s own satisfaction.

 Thanks for mentioning. I haven’t tried that, yet.Yes, that was my reason to settle on pass as well. Plus it has a healthy community discussing in the mailing list and also many eyes looking at the source.

 I might be minority here, but I prefer Bitwarden because of it’s seamless ability to sync passwords with my wife. There’s no way she’s going to use something complicated or non-intuitive and she mostly uses iOS. We have nothing to hide from each other so all of our passwords are in the same vault. We also use the secure notes functionality to lookup important family info.

 There are offline capable ones that basically protect your passwords via an encrypted file you know the password for, I’ve seen this for Android and Desktop, not sure about iOS but I would be surprised if there wasn’t. There’s open source ones like BitWarden as well which I use. You can quite literally fully manage your password manager yourself. Then you have Firefox’s rolled out instance, where if you forget your password, the moment you reset it, you lose all the saved passwords. They can’t recover it because it is encrypted with your password.

 I once got an account hacked because I reused a password. Since then I only generate passwords and use a SaaS password manager. I got informed about leaked passwords multiple times by the service which saved me time and maybe even money.Managing them in the cloud is the easiest way to keep the passwords with me. I trust those services because I am lazy, my own solution would just be obscure and self-managed solutions would probably give me headaches in multi-device or multi-user scenarios (I share many passwords with my wife).

With a payed subscription SaaS solution I can expect that the provider has a huge interest in keeping my data safe from criminals. It’s their biggest selling point.

 Keepass is offline, opensource and quite simple: an encrypted list of passwords you can open and copy&paste from.

No lock-in, easy backups, simple threat scenario and hence easy to trust.

 Because if you don’t use one, you’ll almost certainly instead either reuse passwords across sites, store passwords insecurely, or choose weak passwords.

 In my opinion, storing passwords in encrypted files is probably safer than putting passwords in a centralized location (provided you don’t code your own encryption algo or make other silly mistakes).There is not a lot of value in trying to attack a single person’s password file, but the value is multiplied by the number of users when using a centralized platform.

 One feature of 1Password (and other password managers with browser integration) that has saved me at least twice by now: The browser extensions will autofill only for matching domains. If autofill doesn’t work on a site I have credentials in 1Password for, chances are it’s a phishing attack. That’s a last line of defence against well-crafted phishing attacks that I wouldn’t want to give up.

  storing passwords in encrypted files is probably saferThat is too hard or tedious for most people. Syncing is a pain, and doesn’t autofill on websites or in apps.

storing passwords in encrypted filesWhich you almost certainly access with some kind of software, yes?

A password manager is just a piece of software that stores passwords in encrypted files, and makes it more convenient to edit them, associate them with a website, use them to log in, check them against known breaches, etc.

I think local open source password management software that you run on your machine are more trustable and less likely to be the subject of a big targeted attack than a cloud tool. So just to be clear, I am not advocating against Keepass or similar, only web tools with thousands of users.

Fair. I moved from 1Password to Enpass when the former started pushing cloud big time.Enpass isn’t open source but it’s open… implementation details? There isn’t a formal spec or standard but they were very forthcoming about how their encrypted SQLite implementation works and there are now open source third-party CLIs for it. https://github.com/hazcod/enpass-cli

Why are people talking like the choice is between cloud password managers (potentially insecure) and no password manager (impractical unless you reuse passwords)? There’s a third option – a local password manager like the one built into your browser. Its one disadvantage versus the cloud is that you have to reenter your password on each of your devices. For normal people who have maybe 2 or 3 devices and don’t change their passwords very often, this is a trivial obstacle.

 A local password manager becomes a “cloud” one trivially if you just stick the database file on a synced drive. You don’t have to trust the drive’s host at all since it’s just an encrypted blob.KeePass makes this easy, at least in theory, though I was never happy with the phone app.

 It depends on what you mean by password managers and trust.If you have an application that you trust (be it track record, inspection or known-good controls), and that application happens to also be a password manager, then the trust in the manager itself should be fine. If, however, you use a third party service, i.e. something managed by a company that holds your data, that is a different topic because you’re talking about trusting a company.

A password manager can be KeePass on your local FDE storage medium. A password manager can also be a web app hosted elsewhere. It can also be both. You can even mix it up and have the storage medium be remote storage in stead of local storage.

If you currently have a file called “passwords.txt” stored in a public S3 bucket, that would be your ‘own method’ but would that be good? Or perhaps you have an RSA-wrapped AES-encrypted spreadsheet you store locally with no back-ups, also possible. Too many unknown parameters.

At the end of the day the solution that gets you strong unique passwords per entity in a way that you don’t lose access to personally but also don’t give unwanted access to towards third parties is better than not having a solution at all. (this includes physical paper password books, those are ‘unhackable’ after all)

 What other option is there? When you’ve got over a hundred different random passwords, at some point you’ve got to manage those, so you use a manager.Though I would never recommend a service-based one, just use something like KeePass and sync that file.

 IMO it’s strange that people use cloud-based password managers. Companies like 1Password have all your passwords in their cloud. So they are an enormous target.I use enpass, and am in charge of my own syncing and storing in the datastore of my choice. I personally prefer this model. 

Because that’s literally the entire point of cryptography, being able to move secret information across an insecure channel.1Password (and any other mainstream password manager) has no access to your passwords because they’re encrypted locally. People who go to extreme lengths to keep an encrypted file secret practice LARP security.

To preempt the question of “how can you trust them to encrypt your stuff though?” The same way you trust Enpass to encrypt your stuff, I’d make a guess 99.9% of users have not personally audited their code.

 Right, there are two reasons to not trust such a program which remotely stores an encrypted blob for you:1) Not actually understanding the technology or threat model.

2) Having incredibly sensitive information which absolutely cannot leak even by accident, and needs to be handled manually with extreme care. This describes vanishingly few practical scenarios.  Companies like 1Password have all your passwords in their cloud.But they are end-to-end encrypted, so if someone broke into their database they would be useless unless they also had access to your device. At the same time, the native and WebExtension clients are proprietary and autoupdate by default. Travel Mode can only be accessed by typing your decryption keys into the live website (my.1password.com). An infrastructure compromise would be even worse than a database dump.

 Because my passwords are stored in the cloud but they are only decrypted on my PC. If a nation state or another attacker gets into the password manager I use, they have my encrypted passwords just the same as if they rooted some Linux box I have an account on. The stakes are roughly the same.A passsword manager (PM) makes random passwords easier. A PM keeps me from re-using passwords. A PM gives me a relatively secure place to store vital information, and it also lets me use it on multiple computers and stays in sync.

Do I trust them implicitly with everything? No. That would be foolish. It’s a calculated risk, and the benefits outweigh the risks.

Why do you trust any software running on your computer? Your password manager is no more likely to have a malicious backdoor than any other program.

Because if 1Password (to pick an example) were to be found to NOT be using encryption sensibly, the bad publicity would likely sink their company.Security researchers pay a lot of attention to password managers.

Like most of the posters here, I trust my local password manager (keepass) for the most part (well, if my personal machine is compromised to the point where I don’t trust programs running on it, I guess I’m truly boned).I have recently started putting some low-value (social media) passwords in the firefox password store, just for autofill convenience. Does anyone know if there are some massive landmines to this sort of thing?

“Should” is an impractical word. “Would” is better.One would trust a password manager as a result of their obvious social media login getting all their friends spammed.

One would trust a password manager as a result of someone finding the post it documenting their bank credentials.

One would trust a password manager as a result of missing out on an opportunity for forgetting a login and having to wait an ungodly number of hours due to an inconveniently timed DNS upgrade leading to a long delay in the password rest email’s arrival.

Nobody trusts password managers because of something essential to the password manager or the concept thereof, we trust password managers because we have experience or can imagine experiencing the fallout of our own credential mismanagement in the face of increasingly complex security demands resulting not always directly from increasingly sophisticated attacks. It reduces our cognitive load slightly and focuses otherwise diffuse anxieties.

 You don’t “send” your password to the manager, you enter it locally. Ideally, it never leaves your computer, so it is far less likely to ‘leak’The database is encrypted, so if someone were to hack them, they would at least have some (hopefully major) issues decrypting it all.

This question is incomplete without expanding on your “methods for safe handling of passwords on the web.” Tell us what those methods are, and you’ll get some thoughts on whether you should or shouldn’t trust them.Password manager anxiety is a thing. Maybe you’re worried that you’ll lose the vault, or that it will be hacked. I didn’t like the idea that I couldn’t log into something without it. The problem is, without a password manager, my passwords sucked. I had a core secret that I sort of salted for each site.

So my reason for using a password manager (KeePassXC with SyncThing, if you’re interested) is that it’s better than the alternative.

 You don’t need to trust them. I use “pass” (https://www.passwordstore.org), a simple CLI password manager that operates using a GPG key you control (which I have on a Yubikey). Then, you can upload the GPG-encrypted password store wherever your want in order to sync-up your passwords.

 I trust a local password manager, namely KeepassX running on my linux laptop. It’s an open source dedicated piece of tech running on the local box, so I figure my trust model extends at least this far.Otherwise, no, I wouldn’t trust a commercial password manager with automatic sync on to someone else’s servers. I also don’t trust the browser enough to put an extension in it that has the keys to my password database.

It’s a tradeoff. I get a nice level of security, but it’s not 100% seamless. Without autofill, I often need to start up the password manager, search for a site, copy and paste password into the browser. (I just had to do this to log into HN.)

For some sites, I let the browser also save the password, which I treat as just a cache of low-value passwords. And the encrypted password manager database gets occasionally synched into gdrive, so I can also access it from my smartphone using the appropriate app.

Been doing this for 5+ years at this point, and it works for me… can’t even remember what on earth I did before. Probably passwords in tiny plain text files.

 

 

If you are concerned about using unfamiliar and complex cloud software:A very reasonable option is ccrypt, which gives you dirt-simple command-line password-based encryption for text files (or any other files). It’s available for most linux distros, cygwin, homebrew, etc.

Personally I use my own homemade text editor with built-in AES-256 password-based encryption. It’s about as trustworthy as I am, and a tad more friendly than ccrypt.

In either case cloud storage is easy; for example a github repo is nice (preferably a private one) because you have backups automatically in case you mess up, which I have done. I don’t use my phone for critical work in the first place (can’t trust ’em) so I’m not worried about integrating that.

 This is the only one I use. I’ve used it for like 5 years and have hundreds of passwords stored. Everything is offline and encrypted with GPG along with being command line driven. It’s the ultimate tool for someone who primarily uses a workstation or laptop.

 Personally, I use pwd managers as a convenience thing. My main accounts (bank, email, git, domain, or any other admin lvl thing) I either memorize or write down irl and use 2fa. Other than that yea I use password managers with the acknowledgement that it may get hacked but so would I at any point too.

 You don’t need to trust all of them. You might have been wrong to trust lastpass a few years ago as they got hacked, however something fully open source like bitwarden builds trust through sheer code. It is truly end-end transparency. You’re welcome to look at it if you’d like.I count on their cloud to host my data but might as well switch to the hosted version. If you have multiple devices with the app installed you should be able to have at least one device that still holds all your data should bitwarden ever go down.

 I trust my password manager (keepassxc) because(1) I believe in the fundamental goodness of humans.

(2) I believe that keepassxc being a Free Software, was made with honest intentions by competent people.

(3) That human society should be organized on the principle of mutual aid, and that involves trusting (initially at least) those who say they intend to aid you.

 Even in people are statistically good, there can be anomalies and corrupting forces.But it’s true that on some level we need to trust others so it’s hard to say where to draw the line.

 If you don’t trust password managers you’re trusting something else. You have to take that into consideration and weight in versus your threat model.And you probably don’t even need to trust a password manager with every password you have, you can keep just the random 200+ logins you probably have for weird websites. And keep banking, emailing and the other important stuff away from it. Also, you don’t even need to have your password manager store the actual passwords there, you could “pepper” what is stored so you transform it after you paste it to the website. One word about peppering, keep the inevitable future in mind and strongly consider ensuring your transform is available to whoever will be managing your affairs after you shuffle off. Keeping it with a lawyer or in a safe deposit box, perhaps.Source: helped deal with an uncle’s many, many digital resources after he passed unexpectedly.

 I run a self-hosted instance of a Bitwarden compatible server. It’s only available locally on my local network. So, when out and about, I VPN back home.Not sure it’s the best way to do it, security wise, but it’s what I found works for me in a security/convenience trade-off

 My biggest fear with a local password manager is a keylogger stealing the master password. I wished local password managers had a way that they would only disclose a single password when using a yubikey rather than opening/decrypting the whole vault.

Don’t know about other managers, but in Keepass you can use key file [0][1] alongside master password.There is also an option to lock the db behind a Windows account [2]. Not sure if it’s a good idea, though.

> One master password decrypts the complete database.

> Alternatively you can use key files. Key files provide better security than master passwords in most cases. You only have to carry the key file with you, for example on a floppy disk, USB stick, or you can burn it onto a CD. Of course, you shouldn’t lose this disk then.

> For even more security you can combine the above two methods: the database then requires the key file and the password in order to be unlocked. Even if you lose your key file, the database would remain secure.

[0]: https://keepass.info/features.html#lnkkeys

[1]: https://keepass.info/help/base/keys.html

[2]: https://keepass.info/help/base/keys.html#winuser

 

 

It’s a convenience vs. security tradeoff. The fact is, most people can afford to adopt a flawed security model to give themselves greater convenience, because most people aren’t being specifically targeted and attacked. I doubt many people realize that they are making such a tradeoff, but that’s more about dishonest advertising…

 

It’s less flawed than relying on a low-strength memorable password that’s reused across all services. Having a uniquely generated, random password for each service that gets autofilled by the password manager is much more secure.

 

I guess password managers seem like one of those few decisions that made my life both more convenient and more secure (after the initial adoption).Out of curiosity, what could one use instead of a password manager that would be closer to the “more secure” side of things in your opinion?

  what could one use instead of a password managerThe comment you’re replying to mentions “dishonest advertising”, which suggests “password manager service”.

I’d think using e.g. KeepassXC would be more secure (but less convenient) than this, since I manage where the password database is stored/accessed.

You could use a different password for each service and just write them in a paper notebook.Paper is generally not susceptible to malware or other ways passwords can leak from a local or hosted password manager.

And also if you ever need to access anything on-the-go, you either can’t or have to keep the notebook with you and make it susceptible to the things you mentioned + theft or snooping.

 This is why people design password managers with “Zero Trust Architecture” and it is open source and auditable. Now what have you to lose?The comment section is full of false dichotomy of no PM vs vulnerable ones like SaaS based ones.

I just checked my Keepass database and it has 192 entries. 192 unique, actually secure passwords. Without a password manager it would be a necessity to reuse passwords or have otherwise insecure passwords in some form.That’s why I use a password manager. The small annoyance it is to keep the db file synced is well worth it.

 Well, if one’s using a Mac and iCloud one already trusts Apple. so no additional trust needed to use iCloud Keychain I guess.

 That’s why I like Apple’s approach of local backups. Nothing is exclusively in the cloud alone, it’s only backed up to cloud. Everything I care about, I can access it locally with no internet, including all old photos, files, chats, mails, passwords pretty much everything.

I use an offline only open source password manager so I don’t have to trust it. That and backing up the database solves the issue entirely

 Because my paid Bitwarden account works for every single device I own, for every app I use, for every website I visit, and for every browser that supports plugins. I can host it myself if I need to. I can have a family account to let my wife login and have her own separate passwords on the same sites as me. I can tag and sort and regenerate my passwords seamlessly. I don’t have to come up with my own passwords constantly — just click a few buttons to generate one within the current site’s requirements, and hit “save”.

You need a unique, strong password for every service. Humans are bad at creating unique passwords and bad at memorizing hundreds of unique passwords. Machines are good at both of these. So why would you trust your methods?

 Because I too had “my own methods for safe handling of passwords on the web”, but eventually realized that’s a fallacy. Unless you’re some memory palace super champion, you’re probably using an underlying pattern to remember all your various passwords, perhaps without even realizing it. I didn’t realize it until I started using separate passwords for everything, and “everything” started multiplying exponentially year over year. Only then did the pattern emerge to me, and only then did I realize it would emerge to a computer algorithm in about 1 femtosecond flat.There is no more convenient “safe handling of passwords on the web” than a password manager, in my experience. That said, if you know of a better, but at least as safe, way, then please share.

Insert shameless Bitwarden plug here.

 I use 1password for the convenience they offer.However for important accounts, I use 2FA with yubikeys or codes that are not stored on 1password. Just in case.

Especially for non-tech family members and friends. Its either an easy password manager or using the same password everywhere.

Keepassxc and strongbox (iOS). Both are open-source, I manually sync with iCloud + local backups on each device.

I really don’t know. I barely trust the one I built myself, especially for the automatic, cloud based ones, I just don’t know.

Everything is a risk reward calculation.Convenience vs security.

The balance i struck with a self hosted instance of bitwarden has been good for me.

I run it.

It’s open source

It’s third party audited

Company has a good history generating trust

Did I mention I host it?

I’ve been having my own methods for safe handling of passwords on the web.I use a local password manager, KeePass: https://keepass.info/

It’s probably the only good middle ground for keeping track of passwords, SSH certificates and other data: a password protected local database that i can move to USB sticks or SD cards for backups, or keep inside of an encrypted 7z archive, or a VeraCrypt file if i cared that much.

You not only get to have a simple way to use it (it’s just a file that’s compatible with the software, like SQLite is also really easy to use), but also get to pick where/how you want to store that data in an easy to understand manner.

Right now it’s great for all of my vaguely relevant access credentials, from numerous e-mail accounts, to online shopping accounts, to even access data for online platforms, hosting solutions, servers etc. with as many separate databases as i choose.

In my eyes, it’s also really great for letting you randomly generate secure passwords – i don’t know almost any of the non-essential service passwords and because it’s so easy to generate new ones for accounts, i’m not plagued by “password-reuse-itis” either. When coupled with 2FA, it’s pretty decent from a security standpoint.

It also has a clearly understandable attack surface – infected password manager binaries, stealing passwords when in memory or malware on the system (like keyloggers, clipboard watchers), someone stealing the database AND the master password, asking me nicely for it with a 5$ wrench: https://xkcd.com/538/

For why people use web based ones which aren’t so clearly understood or dependable (your list of risks would be a lot longer with those), i’m not sure. It’s probably just convenience.

 I trust the one I wrote for myself. I would have a hard time trusting a 3rd party tool without a lot of insight and feedback as to its design and implementation, and credible assessments of its trustworthiness.

I use KeepassXC. It’s free and open source, and local-only: my password file never touches the cloud even in encrypted form. It has hundreds of account credentials in it, along with other notes like security questions and which email I used for signup. The random password generation feature is a godsend: we all hate those security policies that ask for “at least one lowercase, at least one uppercase, at least one number, at least one special character, between 8 and 20 characters long” or some such outdated nonsense. I can tell it to generate a random password meeting those requirements, saving me the hassle of doing it myself. Or I can ask it for a 6 word long diceware phrase, for sites enlightened enough to support that. It makes my online life massively more convenient and secure.

 

 


Spread the love