Password managers’ promise that they can’t see your vaults isn’t always true
- Thread starter JournalBot
- Start date
YetAnotherAnonymousAppellation
Ars Praefectus
I've been using PasswordSafe since I first found it on Bruce Schneier's site over 25 years ago. It's now open source and I feel it's well maintained. I've never felt the need to look further because of the history and Schneier's status within the security community.
Making sure that all of my devices always have a current copy of the database is a bit of a pain, but I feel far more secure not having it under the control of a site that I have no direct view into. I really hope I'm not fooling myself, but I feel pretty safe.
Making sure that all of my devices always have a current copy of the database is a bit of a pain, but I feel far more secure not having it under the control of a site that I have no direct view into. I really hope I'm not fooling myself, but I feel pretty safe.
Upvote
13
(14
/
-1)
You read the part discussing the assurances virtually all password managers provide -- you know, where they say even in the event a server is compromised, the "zero knowledge design prevents vaults from being decrypted -- right? How is it overselling for researchers to thoroughly and with incontrovertible evidence debunk all that misleading marketing gimmickry?
Upvote
25
(28
/
-3)
I was a bit confused by the "account recovery" phrasing since in my head, I was thinking about the Bitwarden "recovery codes" but I guess they're different. Supposedly changing encryption key method to Argon2id is also recommended?
Upvote
3
(3
/
0)
Gnafu the Great
Ars Centurion
Syncthing uses encryption with pre-accepted device keys for syncing across the Internet, so there's no need for a VPN and I expect the app would alert you if a remote device started presenting a different key just like if the certificate didn't match for an HTTPS website.
(I know I'm oversimplifying, but the point is that I trust Syncthing with or without a VPN.)
Upvote
13
(13
/
0)
Yada yada yada. Look I get where the researches are coming from and this is a valid thing to acknowledge and think about how to address it.
But this is the same equivalent of an article saying TOTP has been thwarted! When you read the article its a MitM attack so in the strictest sense it is true in the real world it isn't. I mean FFS. This here:
As one of the above issues is my situation. I have never and will never use browser extensions. Again I'm not saying what the researches are saying is wrong, but it is crying wolf on something that isn't a black and white situation. And frankly if someone has compromised a server. It isn't game over but it sure as hell is far closer to game over then not. It's all about layered security and “zero knowledge” is just another layer.
Upvote
6
(9
/
-3)
ive always felt bad relying on these services, first Lastpass, now Bitwarden. This was just the article i needed to finally make the switch to something local. KeepPassXC looked nice since it has browser integration. Setup and importing from Bit took less than 5 minutes. One less thing in the back of my mind to worry about.
Upvote
0
(4
/
-4)
Maybe its leaking secrets.. but anymore, my Crucial Passwords* are kept in a portable-based app stash via keyfile-based enc then wrapped inside a encrryped-volume setup that then lands on a cloud drive. I never trusted bitwarden/onepass/etc for that kinda stuff and seem to be increasingly validated. Not bragging at all; this is just the effort i go through to keep things safe.
* and yes some of those bits end up on Other Devices but they are copied local-connection; no cloud-based stuff. Even with all this, one cant help but think all the zero-days can retrieve it but us Lower Folk can skate on the fact we're not important enough to hammer bits with hacking.
* and yes some of those bits end up on Other Devices but they are copied local-connection; no cloud-based stuff. Even with all this, one cant help but think all the zero-days can retrieve it but us Lower Folk can skate on the fact we're not important enough to hammer bits with hacking.
Upvote
0
(0
/
0)
I use the same tool, and have always loved the fact that it does not attempt to keep your passwords "in the cloud".
It's local-only, and I only use it to remind myself of passwords I've forgotten. Not for everyone, but works great for me.
Upvote
2
(3
/
-1)
I've used SafeInCloud for many years. I love it as the data is kept only on my goggle drive. Sure If I don't have a hardened password and don't watch access to it, it could be bad. For me, with over 200 logon ids all with unique passwords it's a no brainer.
Upvote
1
(1
/
0)
Could a malicious server be coerced by a government?
I feel justified in never using cloud keychains.
I feel justified in never using cloud keychains.
Upvote
-1
(1
/
-2)
My offhand guess would be it is that it would be similarly vulnerable to spoofed keypairs, if you can spoof the keys in the first place.
Apple relies heavily on device and ecosystem security because they have full control over those factors. Even a jailbroken device can't access the private keys in the secure enclave. You would need to have a rogue member enrolled in your iCloud family group for that to work, and Apple does integrity checks on iCloud keys.
There is another sharing mode that relies on Airdrop for wifi networks and other passwords, and the recipient doesn't have to be in your iCloud family but they do need to be in your contacts. That also relies on pre-exchanged iCloud public keys and proximity.
Upvote
8
(8
/
0)
I was also confused by this paragraph. If you check the source paper, there is actually a whole annex about 1password.
What I understood of it is two things :
- they are more secure regarding the master password because they ALSO use a crypto key (the so called secret key).
- they are susceptible to similar attacks (two are described : sharing key override, and vault substitution) when using the sharing features, because of how they encrypt the vault key. But this is acknowledged as an architecture limitation in their own white paper, so they didn't even ask for an embargo. The researchers offer mitigation for the vault substitution attack
Source
https://eprint.iacr.org/2026/058.pdf
The last section
Upvote
39
(40
/
-1)
Apple's Passwords app is new, but it's just a frontend to the Apple Keychain that's been around since Mac OS 8.6. I'm not sure when Keychain was extended into iCloud, but even that's been a thing for a long time. So whilst I can see where your concern is coming from, it's misplaced.
Upvote
28
(30
/
-2)
What do you mean by this? In order for an attacker to put a compromised 1Password binary on my Mac or iPhone, you can’t just break into the download server and place a tainted binary there, because it would break the the app signature. Instead, they’d have to compromise 1Password’s development environment (which is not the same as the “server”) and sneak some bad code onto their internal repository, hoping the developers don’t notice it before they unwittingly sign and ship the next version. A successful attack in this way is possible via e.g., supply chain attacks onto whatever IDE is being used by 1Password, but it would be rather difficult and dependent on luck.
Upvote
25
(27
/
-2)
The announcement that local vaults would be discontinued was the impetus for me moving away from 1Password (which I'd been using since it was initially promoted in 2007 as part of MacHeist II).
I migrated to a self-hosted VaultWarden instance, which works pretty much identically. It was one of the least-painful software transitions I've made.
Upvote
4
(4
/
0)
I've been on self-hosted VaultWarden as well and it wasn't hard to set up. DNS was the hardest part actually.
I use Keepass too but BitWarden's interface is far more convenient and better.
Upvote
1
(1
/
0)
ReadandShare
Wise, Aged Ars Veteran
Most hacks (esp. those aimed at consumers) are social hacks. Basically, keep OS and apps updated, don't download anything from unfamiliar sites, and don't routinely sign in as "admin". After that, don't click links and don't call numbers listed on anything that comes in unsolicited. Finally, never answer calls from unrecognized numbers - let them leave voice messages. That's 95% safe right there?
Last edited:
Upvote
29
(29
/
0)
Curious what changes with being able to reduce hashing iterations with Bitwarden if you're using the newer Argon algorithm instead of PBKDF2. The newer argon needs far fewer iterations to be secure. I think it defaults to like 3 or 4? I have it set to 6 but reducing that to 2 doesn't sound as cripplingly destructive as reducing PBKDF2 to just 2 rounds which it's routinely set to the tens if not hundreds of thousands of hashing iterations.
Upvote
0
(0
/
0)
I put my keepass data file on Google drive with a super long password and the keyfile on Onedrive. Free, secure, and no sweat. It has my life in its hands, but I sleep well at night.
Upvote
5
(5
/
0)
Good point - I had forgotten about the feature where you can share a wifi network password with someone nearby. I've actually used that a couple of times when on holiday with friends. It would make sense if that was just a one-off 'share a copy of this password now' rather than granting semi-permanent access to a password saved in a vault. But it would be nice to know whether that is actually what Apple has implemented.
Upvote
0
(0
/
0)
I suspect there might be a bit more to the app than that: for example, the Passwords app has icons, which were not in iCloud Keychain. And one of the attacks described in the article uses a weakness in the icon feature to get in.
However, I get your point. Do you know when the 'Share Passwords with Family' functionality was added?
<edit to include references to icons>
Last edited:
Upvote
0
(0
/
0)
Of course the wrench attack is easily detectable. At the point it is being used against you, that matters not a bit. Your password or your life. Choose quickly, either way it is likely game over.
Upvote
8
(8
/
0)
I'm in the same boat, using OneDrive for my KeyPass files. Good luck brute forcing my 15 digit basically-random master password.
Not sure I've ever had sync issues, KeyPass is very good at spotting the db file has changed when it goes to save and asking if you want to sync them. It timestamps all password updates, so it can update to most recent on a per-password-entry basis. The situation you describe shouldn't be a problem barring some OneDrive weirdness.
Upvote
5
(6
/
-1)
I use KeepassXC (desktop) / KeepassDX (mobile), storing the encrypted db on my personal nextcloud server. It works seamlessly, with no conflicts. The only cloud I ever trust is my own cloud.
There are plenty of providers for hosted nextcloud servers, that are super easy to set up, if you don't want to do this from bare metal. Nextcloud lists a ton of them on their website.
Upvote
3
(3
/
0)
Most of those should be fixed, but I figure a state level actor with either server access, or access to server keys and MitM, will just give you a custom upgrade build that will exfiltrate anything it wants.
Upvote
1
(2
/
-1)
For the most part most of them are pretty secure. Its the users that are the weakness. If you make it simple recover your master password if you forget it then it defeats the entire point of the secure system
Upvote
0
(0
/
0)
This sounds not so unlikely to me. If I were a malicious actor, I'd certainly target the server infrastructure of the most popular password managers. If this is also the case with chat apps like Signal, I'd be worried too. In many countries, the government is a very likely threat actor. You don't have to be a professional spy.
I'm an immigrant in the US. And I've just moved emails off of Google after the latest subpoenas. I know a lawful subpoena is not the same as hacking Bitwarden. Still changed my mind a bit about threat models.
Last edited:
Upvote
8
(9
/
-1)
This is the system I use. To add a little bit of extra security, I keep the password vault file (which changes every time I add a new password or change an existing password) on OneDrive, but I encrypt that file with both a master password and a static keyfile, which doesn't change. The static keyfile I install on all my devices locally - that keyfile is never ever stored in the cloud storage service. Because the keyfile is static, a one-time installation when I set up a new device is not significantly inconvenient.
So, to open my password vault file, the attacker would need to either:
1. break the fundamental encryption algorithms, or
2. compromise one of my endpoint devices to steal both the vault file and a copy of the keyfile (and probably sniff the master key password component as well).
Even if the password vault file leaks from the cloud storage service, it's completely infeasible to obtain the keyfile portion of the decryption key by brute force.
Upvote
3
(3
/
0)
For this reason I prefer a more immediate sync process for KeePass files (sync immediately on save). Can SyncThing be configured with file system watchers to do that?
KeePass 2.x for Windows and KeepassXC for Linux/Mac include functions for merging the edits of two versions of the same password file, which is useful if sync conflicts arise.
Upvote
0
(0
/
0)
It matters after, though. Assuming it isn’t “game over” (since, in that case, nothing matters), knowing your accounts have been stolen gives you a chance of recovery at least.
Upvote
8
(8
/
0)
End of the day, KeyPass and any cloud management vault both have their weaknesses. The cloud structure definitely suffers from an eggs-in-one-basket weakness, but it also has the advantage of having huge OpsSec resources (unless it's Lastpass, LOL).
Make no mistake, KeyPass' greatest strength is anonymity. It's kind of a survivor's bias to assume that it's going to be structurally more secure than a professional data center. Bare minimum requirements should be:
1. Routinely updating the firmware/software on your NAS, router, and all network connected devices.
2. Limiting network traffic on your NAS via VLAN and firewall.
3. Containerizing/isolating other software from your NAS.
4. Pre-authorizing devices that can connect. And making sure those devices are secure.
5. Analyzing connections/connection attempts.
I'm fine with using <redacted> as my cloud password manager. Personally, I don't have the desire to play OpsSec for my home network to that extreme of a degree.
Either way, there's just 2 rules to live by:
1. Use MFA/2FA everywhere you can and don't save these in the same vault as your passwords.
2. Don't put your email account passwords in any vault. If your vault gets cracked, you might have a recovery chance if you can still get to your email, since that is going to be used to reset most other passwords. If those get compromised along with everything else, you might as well jump off a bridge.
Make no mistake, KeyPass' greatest strength is anonymity. It's kind of a survivor's bias to assume that it's going to be structurally more secure than a professional data center. Bare minimum requirements should be:
1. Routinely updating the firmware/software on your NAS, router, and all network connected devices.
2. Limiting network traffic on your NAS via VLAN and firewall.
3. Containerizing/isolating other software from your NAS.
4. Pre-authorizing devices that can connect. And making sure those devices are secure.
5. Analyzing connections/connection attempts.
I'm fine with using <redacted> as my cloud password manager. Personally, I don't have the desire to play OpsSec for my home network to that extreme of a degree.
Either way, there's just 2 rules to live by:
1. Use MFA/2FA everywhere you can and don't save these in the same vault as your passwords.
2. Don't put your email account passwords in any vault. If your vault gets cracked, you might have a recovery chance if you can still get to your email, since that is going to be used to reset most other passwords. If those get compromised along with everything else, you might as well jump off a bridge.
Upvote
7
(8
/
-1)
Upvote
-8
(1
/
-9)
- Add bookmark
- Featured
- #77
They analyzed a lot of password managers that had the same vulnerabilities as the top ones but for some reason they’re only allowed to mention 1Password.
Upvote
11
(11
/
0)
As a non-IT end user (who is or used to be kinda techie - heck, I hang out here), I will take this as an opportunity to vent at how insane all of this password stuff has become. I use the Apple ecosystem for most of my stuff and that tracks all my passwords because I dont even know any of them anymore. Regarding work, between 6 different authentication apps, several different 'tap-badges' and all of the different rules regarding 2FA/MFM, password lengths, character combinations, special characters, length requirements, rules for changing, updating, etc not to mention all the stuff that doesnt work (single sign on that doesnt), typically my login and password countless times a day, phone calls to IT at all hours when I get locked out because developers aren't the ones who actually have to use the stuff they create...... and then there are all the stupid sites that require logins for .... why? to harvest my data?
this is all out of control - and getting worse and there is more than enough blame to go around....
this is the world we live in and it aint getting better......
this is all out of control - and getting worse and there is more than enough blame to go around....
this is the world we live in and it aint getting better......
Upvote
13
(13
/
0)
Why does nobody recommend Keeper Password Security. I've been using it for 10 years personally and 5 at work (Govt organization).
It has been substantially scrutinized and always receives top marks.
It's available for all devices (Windows, Apple, Android) and has a browser add-in too.
It's far better than 1Password, Bitwarden amd so forth.
It has been substantially scrutinized and always receives top marks.
It's available for all devices (Windows, Apple, Android) and has a browser add-in too.
It's far better than 1Password, Bitwarden amd so forth.
Upvote
-18
(0
/
-18)