It absolutely blows my mind that people are okay with giving their passwords (encrypted or not, see this very breach for why that's not always enough) to a 3rd party, but are not okay reusing a password somewhere.
If 1Password ever got owned, the Internet would be severely fucked.
And to stem the potential flood a bit, I realize there are plenty of good counterargument built up over the years to try and combat this general idea, but fundamentally the concept of giving your password to someone else to manage is still a confounding idea, regardless of whatever points those arguments make.
> It absolutely blows my mind that people are okay with giving their passwords (encrypted or not, see this very breach for why that's not always enough) to a 3rd party
That sounds more like LastPass than 1Password, although I haven't looked at the new subscription offering.
Which does not change the parent post's point, that with LastPass you're still giving it to a 3rd party who could leak that information for brute forcing.
That's a really unhelpful comment. Please specify what encryption you think Dropbox is doing on the passwords and what knowledge you have on the topic.
I'm pretty sure you're going to say "they do TLS" and then the person you're talking to can go ahead and explain that the encryption LastPass/1Password does protects an entirely different threat model, but unless you have a conversation here no one is going to be able to communicate a thing.
To be clear, I don't owe you or anyone anything with regards to this conversation. I am not obligated to conform to any particular conversational strategy, and if my intention was to simply claim something was incorrect without elaborating, I am entitled to do so.
That said, I was wrong. I recalled what bcrypt does incorrectly.
To be more direct, I'm suggesting the standalone native application may not completely correctly implement the encryption algorithms. I have no evidence of this, but the concept still concerns me.
That's not what you said. You said that if someone owned up 1Password, the whole Internet would be in trouble. But that's like saying that if someone owned up one of the OpenSSH developers, the Internet would be instantly vulnerable. A false statement.
It's a true statement, not a false one. If someone was able to release an intentionally vulnerable version of OpenSSH/1Password, people who updated would be "instantly* (your word) vulnerable.
1Password only recently added a service which syncs your vault with them. I use 1Password with a vault that exists only on my encrypted MBP. If my laptop is decrypted and my 1P vault is decrypted then yes I'm screwed. What's the alternative exactly?
A great example was the recent Opera browser sync hack. Everyone who uses it has to change ALL of their passwords everywhere. Password managers are a TERRIBLE idea, and it's kinda sad so many security researchers recommend them. Single point of failure is a really basic concept to understand.
Password reuse has been slightly overblown as a concern. Things like your Google, GitHub, TeamViewer, bank, etc. accounts should always be unique. But if someone hacks your password for the Engadget forums or something, does it matter that they can now log in to your Kotaku commenting account? REALLY? People talk about how they have hundreds of accounts and could never remember passwords for all of them, so need a password manager... but in reality, only a few of those accounts actually matter.
And you're better off leaving a piece of paper with passwords on it by your desk than using a password manager. The likelihood of a digital hack of a password manager is infinitely greater than the likelihood of someone breaking into your house to get your passwords (instead of like... just taking your TV).
The majority of cloud-based password managers perform encryption client-side. A server hack would leave the attacker with random garbage. Short of brute-forcing your master password, they're not likely to get anything.
The only real concerns here are weak crypto and backdoors. If your threat model includes backdoors planted by software vendors you trust, not using a password manager won't help you, since someone might as well just backdoor your browser and get your brain-managed passwords as you type them. I'd stay away from webapp-based password managers, as planting a backdoor is typically easier for these.
Weak crypto is a hard problem, so you'd have to do some research and check whether the format your password manager uses has been vetted by the crypto community.
Looking at the vectors that are most commonly used to hack people today, I'm certain that password managers would be a massive improvement compared to the short and re-used passwords the majority of users use today.
Indeed. I would really love to recommend Keepass, but their website is really ugly and makes the impression of a non-polished software - even though Keepass is absolute mature and fine.
On the other hand, the PuTTY website is also everything but polished, but people have always been using it. Also, I suspect that most people will get it through the third-party site "www.putty.org" instead of the real PuTTY website, whose URL is as complicated as: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.h...
I don't think it's ugly -- just dated. Isn't it weird that mentally we trust software less if they have a dated website? Shouldn't it be the opposite? (As in: a dated website means this software is mature and tested?)
The problem with dated websites is that they have the appearance of being thrown on the web in 10 minutes and forgotten about rather than being mature and tested.
If the software is well supported and maintained than the website should be too.
Isn't the mentality more to do with insecure sites having dated websites with misleading links etc. Unless its a known company a dated/poor website often flags warnings for me about security, support for the product and more.
You know what always gets me: PuTTY's website isn't served over HTTPS. That software everyone downloads to type all their firewall and router credentials into... is from a website not served over HTTPS. I see the download and signature links are, but if I could have this non-HTTPS website offer up different links to your web browser...
The downloads are all GPG-signed, so that shouldn't be an issue. You have the issue of the initial trust, but that applies to HTTPS too to a lesser extent.
How many people do you think download the application, then check the signature? Additionally, if you can spoof the download link on this HTTP page, you can also spoof the signature link, and provide a fake signature matching your malicious package.
Frankly, about the same number of people as the number checking the HTTPS certificates are as expected. GPG does have the advantage though that once the public key is known and trusted, the package can't be tampered with on the server. (Authenticode might also work, but then you're back to trusting all the CAs that Windows does.)
Don't pay for this people. Use the open source password manager Keepass http://keepass.info/