| 1 |
On Wed, Feb 13, 2019 at 12:12 PM Mark David Dumlao <madumlao@×××××.com> wrote: |
| 2 |
> |
| 3 |
> On Thu, Feb 14, 2019 at 12:32 AM Rich Freeman <rich0@g.o> wrote: |
| 4 |
> > I just stumbled on lesspass which seems to be such a tool for |
| 5 |
> > algorithmic password generation (lesspass.com). |
| 6 |
> |
| 7 |
> Great tool. Good to know there are those that think alike. One |
| 8 |
> important point though is that in my "version", the user has to |
| 9 |
> completely know a secure algorithm (which is where all the security |
| 10 |
> comes from), with a managed tool this is only feasible for technical |
| 11 |
> users (or at least technical past a certain level). A version of |
| 12 |
> lesspass that allows users to view and customize the secret-generation |
| 13 |
> algorithm would be much more secure. |
| 14 |
|
| 15 |
Maybe. Here is the problem with this: |
| 16 |
|
| 17 |
If you just give the user a choice of one of several secure algorithms |
| 18 |
to use, then basically all you're doing is adding a few more bits of |
| 19 |
entropy to the mix. You also have to deal with vulnerabilities in any |
| 20 |
algorithm your software uses, and not just the one you picked. |
| 21 |
|
| 22 |
If you instead let the user code their own algorithm, then while this |
| 23 |
increases complexity, it also makes it easy for users to shoot |
| 24 |
themselves in the feet with an insecure algorithm. |
| 25 |
|
| 26 |
I think it would make more sense for users to focus on more robust |
| 27 |
master keys than to rely on security by obscurity with an algorithm |
| 28 |
that doesn't benefit from peer review. |
| 29 |
|
| 30 |
|
| 31 |
> > 2. The solution does allow incremental counters for sites, but of |
| 32 |
> > course that is basically state and it looks like they have a way to |
| 33 |
> > sync this somewhere, but of course that means having a cloud sync |
| 34 |
> > infrastructure and that info could get compromised (doesn't include |
| 35 |
> > the passwords themselves). |
| 36 |
> |
| 37 |
> Also not an issue for me in practice. In practice you also remembr |
| 38 |
> which sites forced you to change passwords, since they're pretty much |
| 39 |
> the only ones in that class. |
| 40 |
|
| 41 |
Sure, assuming you don't regularly change your passwords everywhere. |
| 42 |
I'm not sure that this is as important with manager-generated |
| 43 |
passwords, but it is a consideration. |
| 44 |
|
| 45 |
> Likewise, |
| 46 |
> your keepass / lesspass secrets should probably be some insane |
| 47 |
> paranoid level secret that themselves don't come from keepass / |
| 48 |
> lesspass and their alternatives. |
| 49 |
|
| 50 |
While any master password should be secure, the algorithmic approaches |
| 51 |
suffer more, IMO. With something like Keepass or Lastpass you need |
| 52 |
both the database and the master password to do an attack. Now, with |
| 53 |
lastpass anybody with the master password can obtain the database from |
| 54 |
the cloud, but they're going to throttle attacks or lock the account |
| 55 |
after so many failures, and you have nothing to crack offline. |
| 56 |
Lastpass would be vulnerable to intruders stealing the database of |
| 57 |
course, which then reduces the difficulty of an attack to the same as |
| 58 |
something like Lesspass. |
| 59 |
|
| 60 |
> |
| 61 |
> > 4. I'm not sure how straightforward it would be to change |
| 62 |
> > passwords/etc. If you have 100 sites, you'd have to remember what |
| 63 |
> > password you used for what site, or change them all at once. Again, |
| 64 |
> > the stateless approach has its downsides as passwords are not |
| 65 |
> > stateless from the standpoint of the remote sites. |
| 66 |
> |
| 67 |
> Actually the generation approach is massively simpler since the |
| 68 |
> passwords themselves don't matter. If you don't like your secret, are |
| 69 |
> not sure which iteration a site is, are not sure if a site used an old |
| 70 |
> or new secret, etc, you can trigger a password reset on most services |
| 71 |
> and force it to use the current generated password. You can update any |
| 72 |
> passwords on an as-needed basis to always use the current generated |
| 73 |
> iteration. |
| 74 |
|
| 75 |
The problem with "as-needed" is that you have to remember which |
| 76 |
accounts use which master password. That sounds simple until you have |
| 77 |
100 different accounts. My password manager has a huge number of |
| 78 |
accounts in it. Granted, some of those are more disposable than |
| 79 |
others, but keep in mind that everything from the local burger chain |
| 80 |
to your bank has a password these days. Either that, or it supports |
| 81 |
something even worse like Facebook authentication. I'm all for SSO, |
| 82 |
but not ones locked into a single provider, and especially not |
| 83 |
Facebook. |
| 84 |
|
| 85 |
|
| 86 |
> > Password incrementing is an issue for any algorithmic solution - you |
| 87 |
> > need to be able to remember which password version is in use on what |
| 88 |
> > site. |
| 89 |
> |
| 90 |
> If you're talking about remembering the iteration counter for a |
| 91 |
> particular site, well, yes you have to store state somewhere. But |
| 92 |
> consider: |
| 93 |
> 1 very strong secret + remember that these 3 or 4 sites are on iteration X |
| 94 |
> |
| 95 |
> is a LOT less headspace than |
| 96 |
> 4+ independent strong secrets |
| 97 |
|
| 98 |
Sure, but I'm mostly comparing altorithmic password managers to |
| 99 |
database-based ones. In neither case are you remembering hundreds of |
| 100 |
passwords. |
| 101 |
|
| 102 |
> |
| 103 |
> and I'm pretty sure most people have logins on more than 4 sites. |
| 104 |
> |
| 105 |
> If literally the only state you need to know about a site is the Nth |
| 106 |
> iteration, I wouldn't mind cloud providers knowing that because they |
| 107 |
> can't do anything about that number. |
| 108 |
> |
| 109 |
|
| 110 |
It still means having a need to sync state, that was my main point. |
| 111 |
If it were truly stateless you wouldn't need any kind of cloud sync at |
| 112 |
all, and I think most would agree that would be an objective benefit. |
| 113 |
However, here we still have the need to maintain a cloud account, have |
| 114 |
devices that sync to it, and a need to keep that data backed up less |
| 115 |
that cloud provider shut down without warning. |
| 116 |
|
| 117 |
I think we're mostly on the same page though. |
| 118 |
|
| 119 |
-- |
| 120 |
Rich |
Archives