LWN: Comments on "A Periodic Table of password managers"

A Periodic Table of password managers

flussence — Sun, 21 Aug 2016 19:01:02 +0000

Thanks for that link! I'd never have found out about it on my own. This sounds much better than the ad-hoc system I've been using.

A Periodic Table of password managers

georg.s — Sat, 20 Aug 2016 11:57:06 +0000

Perhaps it is time for a follow-up article?

Especially, `pass' ('the standard unix password manager' https://www.passwordstore.org/ ), seems to be worth to be considered in a new overview article.

A Periodic Table of password managers

dag- — Tue, 22 Nov 2011 23:15:38 +0000

Revelation development has (fortunately) continued with a 0.4.12 release recently.

A Periodic Table of password managers

mmendez — Thu, 17 Nov 2011 15:04:15 +0000

I have been using a Firefox addon called passwordmaker for a few years. It hashes a 'master password', that you keep in your head, along with some salts (domain name, prefix modifiers ...) and generates passwords using a list of characters.

So the password is never stored in any format. If someone were to grab the password configuration they would still need to know your 'master password', which being a single/often used password should be easy to remember even if it is complex.

PasswordSafe available on Linux

CycoJ — Thu, 17 Nov 2011 07:23:56 +0000

It's worth pointing out that PasswordSafe does have a Linux version in Beta. From the PasswordSafe News cite:

The Linux Beta version has also been updated to 0.7, and is available for Debian and Ubuntu distributions, as well as in source form.

Unfortunately it does not run on 64bit yet.

Kwallet + Firefox

morhippo — Tue, 15 Nov 2011 19:06:23 +0000

Well, at least for older firefox versions there was this add-on which added kwallet firefox integration, seems not to work with the latest versions though: https://addons.mozilla.org/de/firefox/addon/kde-wallet-password-integratio/

vim -x

ebirdie — Tue, 15 Nov 2011 10:06:55 +0000

A vim script/plugin gnupg.vim (http://www.vim.org/scripts/script.php?script_id=661) helps also.

It does set all the above options except nowritebackup, I just checked.

browser integration?

sorpigal — Mon, 14 Nov 2011 14:10:40 +0000

That's a major down side and one without a good solution. Pherhaps you could try clipperz.com; they offer a standalone version you can self host (haven't tried it yet).

Ultimately the solution to this has got to be a FOSS online password manager with a slew of nice features (two factor auth, various integration, etc) so that I don't have to trust a third party host and get a network-accessible password safe.

A Periodic Table of password managers

vivi48 — Mon, 14 Nov 2011 13:17:05 +0000

I've been using this technique for years.
see for instance: http://www.venge.net/programs/twonz.html

vim -x

brian — Sun, 13 Nov 2011 21:43:29 +0000

Thank you, idupree.

vim -x

idupree — Sun, 13 Nov 2011 20:55:28 +0000

Specifically, only use vim encryption in vim >= 7.3 (upstream released it in Aug 2010, so e.g. Ubuntu 10.04 LTS definitely doesn't have it). Earlier versions of Vim use a cryptographically unsound encryption scheme, new versions use Blowfish. Also you need to set the right Vim options to prevent information leaks; e.g.

set nobackup
set noswapfile
set nowritebackup
set viminfo=

I suspect noswapfile isn't needed if the announcement I just looked up is correct [1], but without set viminfo= I definitely got information leaks into ~/.viminfo , even though the tutorial Google found [2] fails to mention that. Has anyone thoroughly examined vim to give us a way to confidently use vim encryption securely?

But on the plus side, I predict this Vim feature will still be here in ten years, and I have no confidence that the popular GUI password-specific programs will be the same ones by then...

[1] https://groups.google.com/group/vim_announce/browse_threa... linked from vim.org, except that Google claims that vim-announce violated its TOS rather than showing me the message (?!) so I found something on archive.org that looks like it's the announcement, http://web.archive.org/web/20110103012145/https://groups....

[2] http://www.techrepublic.com/blog/security/vim-offers-stro...

Schneier-based ideas work for me

philipstorry — Sun, 13 Nov 2011 12:02:28 +0000

Dang - I'm on Ubuntu LTS, so didn't know it had been removed. Thanks for letting me know.

I guess I have three options:
1. Learn C and maintain it myself (thus get it back into the distros)
2. Write my own "clone" in my own choice of language
3. Use something else

Luckily, having picked a format that's widely supported, three is at least an easy interim option until I can decide whether I want to do 1 or 2...

Good luck finding something to solve your problem.

Schneier-based ideas work for me

mgedmin — Sat, 12 Nov 2011 22:11:35 +0000

I also use pwsafe (it protects my LWN password!). Unfortunately it's recently been removed from Debian and Ubuntu as unmaintained.

My smartphone until very recently was the Nokia N900. There was a Schneiderian clone called PasswordSafe that worked rather well (the only two bugs were a missing icon and a non-functional export).

I've tried to import my pwsafe database into Revelation, which claims support for it, but the import failed silently.

I'm now looking for a solution that would support both Ubuntu and the Nokia N9, and, ideally support the same format.

A Periodic Table of password managers

mgedmin — Sat, 12 Nov 2011 22:00:10 +0000

Diceware is good for generating random but easy to remember passphrases. It's basically a world list with some instructions about picking up a number of words by using physical dice as a random number generator, and some calculations how many words you need for a given password strength.

A Periodic Table of password managers

juhah — Sat, 12 Nov 2011 12:11:30 +0000

Interesting that using a plain text file with standard encryption is not mentioned. No "vendor locking" and keeps portability at maximum. Not perfect though: all eggs are in the same basket and a very strong pass phrase required (say, +64 bit entropy) to stand against brute force attacks.

For additional security a physical barrier can be used in form of a codebook, for example. A simple laminated piece of paper which can fit into wallet will usually do fine. This will give some leeway if the encrypted file gets compromised.

Simple encrypted text file with entries like this:
foo@gmail.com XYZ restOfThePassword
where XYZ is your codebook lookup key should give a decent protection assuming the codebook entries are strong enough (say, 40 bit entropy).

A Periodic Table of password managers

djao — Sat, 12 Nov 2011 03:34:49 +0000

I don't think you properly understood the original proposal.

You have about 30 different passwords to keep track of. That's about average. You seem to be in favor of writing them down, whether on a pad of paper or in a password manager. That's quite understandable.

The problem is that, if someone malicious gets that piece of paper or breaks into your password manager, then they have EVERYTHING. The proposed countermeasure is to apply a single, simple, fixed, easy to remember, and easily reversible transformation to each password in your list. In other words, what you write down in your list is not your "real" password. Instead your real password is some simple (always the same) variation upon what is written down.

You would not write down the details of what this transformation is. You have to remember it in your head. But you only have to remember this one single simple rule. The argument is that remembering this one thing is not much harder than remembering the passphrase to your password manager, or the location of your paper pad. The benefit is that if an adversary succeeds in obtaining your list of passwords, they don't automatically get everything.

Nobody is suggesting that you memorize 30 different passwords or 30 different rules.

Use two-factor

drag — Sat, 12 Nov 2011 00:21:50 +0000

Yes. Against simple loggers then 2 factor auth is a good thing.

The main danger then changes from password stealing to session hijacking.

two others: oplop and vim -x

brian — Fri, 11 Nov 2011 23:11:04 +0000

oplop (http://code.google.com/p/oplop/wiki)

vim -x

A Periodic Table of password managers

asherringham — Fri, 11 Nov 2011 20:41:41 +0000

I agree as well. It's not often clear what's asking for the password in Gnome. In fact, sometimes it is not clear if the popup dialog is asking you for your own (sudo) password or the root password.

A Periodic Table of password managers

daglwn — Fri, 11 Nov 2011 20:24:47 +0000

I agree with everything here, especially this bit:

> Gnome keeps on asking me regularily "some application wants to access your
> keyring, please enter your password", without mentioning why, what
> application, what keyring or whatever

KWallet does the same thing. All that work to make things secure and then...this.

A Periodic Table of password managers

mjthayer — Fri, 11 Nov 2011 15:46:21 +0000

> Instead of writing software, one can just combine local crypted or non-crypted information with information stored on distinct devices, including own brain or cell phone.

A colleague of mine just suggested a variant on this scheme: a tool which combines a password with an additional word to (deterministically) generate a new password. E.g. you combine your master password with the word "paypal" (using the word "paypal" as salt if you like) and get a unique password based on that.

Use two-factor

Cato — Fri, 11 Nov 2011 13:01:11 +0000

The main defence against simple keyloggers is a second factor - if the authentication process calls your phone (like Google Authenticator or Duo Security), you will know some hacker has got your passwords and is trying them out. Since most keyloggers are installed en masse, this is quite a useful defence.

LastPass is a good password manager (free as in beer for desktop OSs, paid-for on mobiles) which now includes Google Authenticator support and has some other two-factor options (grids, biometrics, and Yubikey). See http://lastpass.com/

Although LastPass has the weakness of a cloud-based point of attack, the two-factor options make it more secure against keyloggers than the password managers listed here. It's still vulnerable to a targetted attack against the LastPass client plugin, but that's true of almost any authentication technique.

A Periodic Table of password managers

tpo — Fri, 11 Nov 2011 08:16:15 +0000

While it's useful to have an overwiew of existing password managers, the review is not really useful, at least not for me.

The article spends a lot of time looking at how each password manager encrypts its data. I couldn't care less. The only question that's important to me in that respect is: are the passwords processed and saved safely? That's it.

Usability, which determines, whether you use the programm or not, whether you use it safely, whether it is in your way or smoothely supports your usage pattern is completely untouched.

A few anecdotical examples:

* kwallet is practically unusable with keys only. You have to lift your hand and click and click and click... Considering that I have to enter passwords to all kinds of web applications all the time, selecting and pasting a username/password should be as quick and painless as possible, since entering passwords adds no value to the creative process.

* once upon a time kwallet was integrated with konqueror, which meant that it automatically detected when the page prompted you for a password and asked you whether it should automatically fill in the data. What a breeze. That feature was AFAIK dropped a long, long time ago in the name of syncing with Gnome (AFAIR) and never picked up again. Anyhow, kwallet has never supported neither firefox nor gnome...

* does the password manager work as an applet or does it clutter your desktop.

* what about supporting automatic password generation on demand? As allready said, there's no value in switching to the command line and typing mkpasswd or similar, then copying the password back etc.

* what about also generating some random email address and registering that with your mailserver for those thousands of web sites that also want your email address?

* Gnome keeps on asking me regularily "some application wants to access your keyring, please enter your password", without mentioning why, what application, what keyring or whatever (usually it's Network Manager AFAIK). This perverts the whole security concept if you don't have a clue who's asking why for your password and it should be trivial for an attacker to just launch the same dialog in the right instant and grab your master password.

* etc. etc. etc.

This critique here could come across too harsh. The point is that the article's focus is from a perspective that is only partly relevant and omits to discuss a central problem topic (the main reason why GUI apps exist actually).

A Periodic Table of password managers

drag — Fri, 11 Nov 2011 04:17:08 +0000

> So a minimally functioning brain can be assumed.

I doesn't matter how functional your brain is, it sucks at remembering arbitrary strings. Unless you are some sort of idiot savant.

> Now what is required to the brain is not much more elaborated than that.

No what is required for the brain is to do something it's not designed for.

> From the list of partial passwords, say written on paper, but not necessarily, you modify the partial passwords with a simple rule, like:
> - adding your pet name to the written down partial passwords (not very good actually), better
> - replacing the last 3 characters with the next ones in the alphabet, or
> - swapping the odd and even positioned characters,
> - etc.

None of that is very good, actually.

I have 5 sets of passwords I need to memorize for work.
I need a unique password for each website I need account for. That is probably about 10 or 15 different websites.
They include:
My bank
My mortgage company
My house insurance company
My car insurance company
My credit card
Power company
The power company for my rental
The water and sewage company for my house
The water and sewage company for my rental.
this website
gmail
some other websites.

and a few other dozens websites I use for various reasons. A lot of them I very rarely use, but when I need to use them it's somewhat important.

You tell me you can memorize all these and keep them straight by just swapping out pet names or doing random 3 letter word combinations. I have probably about 30 different passwords that need to be kept track of. A average person who uses the internet for bills and social media stuff probably has at least 15 accounts they need to keep track of.

What you are suggesting is all incredibly bad advice that will lead to a forgotten passwords, lots of password recoveries, lots of phone calls to the help desk at work. People will invariably choose to use shorter and simpler passwords and using the same passwords over and over again. Even if they are smart and try to use a good policy it will just end up punishing them and pushing them towards bad password management habits.

This sort of really bad advice that is repeated over and over again is exactly why people get their crap broken into. This contributed to why Debian got hacked. Fedora got hacked. Kernel.org got hacked. This is why people were able to gain access to source code repositories and key signing servers and all sorts of sensitive places like that. 90 times out of a 100 it is not a software vulnerability; it's because some goofball used a password to access a system that was hacked or should not of been trusted and they used the same password, or variation of it, on something that was actually important or their own workstation (and allowed ssh access from the internet).

People _should_
- Use unique passwords, _always_.
- Use very long passwords. Minimal 8 letters. Better of with 16, better off with 32, etc.
- Use random passwords.
- Passwords not based on favorite names or important dates or favorite teams, etc
- Passwords NOT based on words or misspelling of words. Swapping around letters is NOT useful. Substituting special characters for letters is NOT useful. Tacking on numbers to the end of words is NOT useful. These increase the difficulty of accurately remembering passwords massively while at the same time only trivially more difficult for a attacker to brute force or guess.

Trying to keep that straight in your head is very counter productive. It's better to not even try. Once you give up the need to try to memorize passwords then using proper passwords is massively easier.

> """able to remember that you wrote down the passwords on the pad of paper"""

Now compare all that to something that humans are actually very good at like:

"Were did I leave my wallet?"
"Were are my car keys?"
"Which drawer in my desk did I leave my password book in?"

If you don't know these then it's very easy to find out answers relatively quickly with usually minimal work.

Now if you don't use your online bank account but once every 3 or 4 months to check your balance... what are the chances you'll be able to recall a password that is _actually_secure_?

I understand a paper pad is not suitable for all purposes and is vulnerable to theft. Password managers are almost as good.

For Linux users something that is simple would be a LUKS encrypted USB key or something like that to store a text file of passwords or something like that. Real password managers are probably better, as long as you know how they function and keep their 'vaults' backed up to multiple systems. Encrypted files generally can be trusted so even if you back your password vaults up to insecure systems, you will be OK as long as you don't actually try to access their contents on those systems.

Some websites I use crap passwords because I am lazy. This is very hard to avoid.

But when I am doing good I always use passwords like this:

wee4eev1zaej,ah7EiCh
qui0hoh7OHaa<g1aetae
dae\Pae9aengo7OoPia:
wieYooNgoa1aijee[Gie
il2Sie2Jie1aevoh$soo
Xith7iez5ca,uf4eephu
za'es1ki5ooSh1xie1va
Aexu5ji{h1ahdahpo2ti
athae4Cemae9zoh+hiev
aQuia!xie5lef{i0Ooth

That is randomly generated stuff by using the 'pwgen' command, because creating new passwords is irritating and time consuming. In this case it was "pwgen -c1y 20 10" When I feel like being paranoid I won't even trust pwgen output.

For passwords that I need to recall on a continious basis, which is about 2-3 that I absolutely use on a daily basis I can memorize something strings like above. After using a password like that for a few weeks in situations were I must use it over and over and over again I can actually recall it much better using muscle memory then I can with just thinking about it. It's a bit silly feeling to have to sit down and close my eyes and type a password out to gedit to be able to recover it, but it is not atypical.

But lately I've been basing passwords on random strings of english words that end up about 20-30 characters long, for passwords I must use very often. No intentional mispellings or '7331' speak or any of that nonsense. They take a long time to type out, but accuracy increased massively and now I have to make less phone calls to unlock my accounts. For commonly used passwords changing them every month or two is critical.

(by-the-way: password lock-out policies are asinine. It amazes me that they don't understand that a person with simple shell script and a list of usernames can trivially perform a DOS attack on any major corporation that uses a password lock-out policy.. So irritating.)

browser integration?

linuxturtle — Fri, 11 Nov 2011 03:38:44 +0000

lastpass.com. Unfortunately it's not FOSS, but it's cross-platform, integrates with the browser, has broad mobile device support, has provisions to protect against keyloggers, offers dual-factor authentication and one-time password support, and on and on.. The main downside to using it for years is how utterly dependent I've become on it..

A Periodic Table of password managers

bferrell — Thu, 10 Nov 2011 22:40:22 +0000

Awww come on. You missed gringotts

http://gringotts.berlios.de/

I have to constant re-build it for my distros but I've been using it since 2002

A Periodic Table of password managers

Tet — Thu, 10 Nov 2011 22:33:38 +0000

Let's face reality - you need a password manager

You might need one. I seem to manage without one.

browser integration?

Per_Bothner — Thu, 10 Nov 2011 21:57:00 +0000

A large fraction of the passwords most of us use a for web sites. And of course most browsers have their own password-managers. Ideally, one would like to set the browser's password manager to use an external general-purpose password-manager. Or a browser password-manager that can be more general-purpose (which includes import and export). For example I know that keepass has tolerable browser-integration, but it's not as nice as the browser's native password manager, so most people will prefer the latter.

I didn't notice anything in the article or comments about this important usability aspect. Any comments or recommendations?

A Periodic Table of password managers

felixfix — Thu, 10 Nov 2011 20:44:11 +0000

That's quibbling. In those cases, the attacker is the keylogger, not the person who installed it, and it is on your machine, as was the installer when they installed the keylogger.

A Periodic Table of password managers

danielpf — Thu, 10 Nov 2011 19:40:12 +0000

Yes, but there are other cases.

A keylogger can be a device hidden on the keyboard cable and broadcasting every single key.
A keylogger can be a hidden program injected by some mean (say a downloaded package).

Such situations do not need an attacker present on the machine.

A Periodic Table of password managers

danielpf — Thu, 10 Nov 2011 19:30:16 +0000

Anyway you must at least assume that your brain is able to remember that you wrote down the passwords on the pad of paper, and where the pad was stored, without forgetting that this brain is going to use a computer.

So a minimally functioning brain can be assumed.

Now what is required to the brain is not much more elaborated than that.
From the list of partial passwords, say written on paper, but not necessarily, you modify the partial passwords with a simple rule, like:
- adding your pet name to the written down partial passwords (not very good actually), better
- replacing the last 3 characters with the next ones in the alphabet, or
- swapping the odd and even positioned characters,
- etc.
Something sufficiently simple but personal your brain will keep with quasi certainty. Something also that doesn't reveal some obvious structure in the password in case someone has access to a full password (thus the pet name addition is not very good on this regard).

A Periodic Table of password managers

drag — Thu, 10 Nov 2011 17:25:39 +0000

>But such methods as well as password managers do not hold against keyloggers.

If a attacker is present on your machine and can access your account there really is no method that is really useful. Any password you use is a password they can get.

A Periodic Table of password managers

sciurus — Thu, 10 Nov 2011 16:42:30 +0000

I've been happy with the Passpack. In addition to building a good product, they acknowledge how they've benefited from open source and contribute some of their own code.

A Periodic Table of password managers

drag — Thu, 10 Nov 2011 16:37:38 +0000

If you want to take that approach then the best place to keep your passwords is written down on a pad of paper.

That way is completely and 100% totally impervious to all remote attackers.

The brain makes a notorious poor place to store passwords. It has very limited store, high levels of data corruption, and performance/recall limitations. It's a highly optimized storage medium not well suited to arbitrary strings.

A Periodic Table of password managers

danielpf — Thu, 10 Nov 2011 11:36:04 +0000

>That's just security by obscurity - finding encrypted files is not that >hard by scanning for high entropy data, at which point your unique password >manager had better be as good as the well known ones.

No, the best protection is not storing the whole information on the same computer. It is not obscurity, it is a physical barrier.
One part of information can stay in the brain (say "add the name of you cat after each stored password"), or on a portable device (a sheet in wallet, a cell phone), and the combination of the distinct pieces of information can follow a simple algorithm easy to remember (all cap letters are actually small, etc.).

But such methods as well as password managers do not hold against keyloggers.

A Periodic Table of password managers

asymptote — Thu, 10 Nov 2011 11:32:27 +0000

KeePass is incredible. I successfully share a password file using Dropbox to clients on Windows 7, Max OS X 10.7, Ubuntu, Android, and iOS. Everything is synchronised for me, and the iOS client I use, MiniKeePass, is delightful to use.

Let's face reality - you need a password manager. I have 20+ accounts that I use on a regular basis, and they all need distinct password in case a particular site gets compromised and doesn't have a solid password storage policy. This is the world we live in - security through obscurity can't win.

A Periodic Table of password managers

danielpf — Thu, 10 Nov 2011 11:22:47 +0000

Instead of writing software, one can just combine local crypted or non-crypted information with information stored on distinct devices, including own brain or cell phone. This prevents accessing the full information for intruders of the computer account. With such practices
a password manager doesn't really need to be written.

Say one could use a plain text file, or perhaps use a password manager
to fool an intruder, but each password would be stored only in part,
or in an altered form. Algorithms, or added information from one or
several separate sources would provide the missing information.

In any case methods for storing static passwords do not help against
keyloggers.

A Periodic Table of password managers

Cato — Thu, 10 Nov 2011 10:47:13 +0000

KeePassX is good, I also use KyPass on iPhone (paid-for but better than the open source ones) with same DB as KeePassX, shared via Dropbox.

A Periodic Table of password managers

Cato — Thu, 10 Nov 2011 10:45:16 +0000

That's just security by obscurity - finding encrypted files is not that hard by scanning for high entropy data, at which point your unique password manager had better be as good as the well known ones.

If you still want obscurity, how about modifying the source of one of these tools to replace common strings with something random, including filenames used? It won't do much good but you could then have more assurance that this obscure one is still more secure against brute forcing.

Attacks using GPUs and FPGAs for brute forcing are getting very cheap indeed (hundreds to thousands of dollars) so it is worth using proper salting and stretching (iterated hashing) of passwords to protect against brute forcing.

I think the biggest vulnerability for Linux desktop users is (a) any copies of the password manager's encrypted DB file on non-"Linux classic" OSs, particularly Windows or Android, and (b) web app passwords being stolen via SQL injection and other web server attacks. I would protect against the former by mandating two-factor authentication on all platforms (LastPass using Yubikey or Google Authenticator is one example) and against the latter by using a password manager.

A Periodic Table of password managers

mpr22 — Thu, 10 Nov 2011 10:03:15 +0000

The "not be popular" requirement tends to imply by extension that everyone should write their own from scratch (what, you expect people to keep quiet about effective software?).