A security consulting firm released a report on the safety of password managers. A non-geek, summarized version is also available at the Washington Post. (Summarized graphic of results.)
The password managers included in the study were 1Password 4, 1Password 7, Dashlane, KeePass, LastPass. Unfortunately, the testing was limited to Win10 even if the password managers were available on other platforms. They all had some flaws, but as reported, you should still use one. They were all tested for encryption method on the database, accessibility of the master password and keys in memory while unlocked, and the master password and keys in memory while locked.
All were evaluated to have adequate encryption on the file. 1Password 4 (which actually had better memory security than 1Password 7,) was best at keeping individual passwords safe in memory; while KeePass was best at keeping the Master Password safe in the memory tests (although Dashlane did the same while it while in a locked state.)
(Score: 0) by Anonymous Coward on Thursday February 21 2019, @10:01AM (7 children)
So, what methods could one use to safely store data (like passwords) in memory? I don't mean keeping it in memory while not being used, but how to safely load it into the memory to start using it in some unlocking function. Never saw this really covered in programming books/articles or documentation.
(Score: 2) by The Shire on Thursday February 21 2019, @11:25AM
It really is a difficult problem. I suppose what I would do is generate a temporary key when the manager is unlocked which can be used by the app to retrieve a requested entry on demand. And if you lock the manager, you de-auth and destroy the key. Unlocking would then require reauthorization and the generation of a new temporary internal key. This way, even if the key in memory is retrieved it would no longer be valid by the time a bad guy tried to use it unless they had realtime access to your system, and in such a case you're already fully comprimised.
Certainly at no time should you keep an entry in memory when the manager is locked.
(Score: 4, Insightful) by isostatic on Thursday February 21 2019, @12:55PM (1 child)
Ltitle black book in your pocket. You're still screwed if you enter a password on a compromised machine, but at least it's only that password that's lost.
(Score: 2) by Teckla on Friday February 22 2019, @03:44PM
I have mixed feelings about this. The physical book itself could be lost or stolen. And could also be accidentally destroyed in a flood or fire.
(Score: 0) by Anonymous Coward on Thursday February 21 2019, @04:26PM
With the Intel Management Engine (ME), you can hide data from your own user space, but if the ME is compromised, then it does not matter how secure your OS and software is. The only safe bet is to store your passwords away from the CPU and RAM. This is what Mooltipass and Memtype do.
(Score: 2) by meustrus on Thursday February 21 2019, @04:47PM
It's not covered because storage of secure data ultimately must be managed by the OS. Without effective restrictions on which process can read what memory (including side-channel attacks), it's impossible to ever have security.
Remember, your process doesn't have a secret sauce to decode that memory. Anybody with access to that memory the process binary can steal your keys and reverse engineer your algorithm and decode whatever you can decode.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 4, Informative) by ElizabethGreene on Thursday February 21 2019, @04:50PM
It's hard to do right.
For a password manager the user would enter a key to unlock the database, and you'd keep that key in one buffer only, not passing it by value. That buffer would be mlock() (Linux) or VirtualLock() (Windows) to keep it from paging. When a user asks for a password you only decrypt that one password, not the whole list and use similar precautions. When the password manager is locked or goes idle you explicity overwrite your buffers with zeroes or before freeing the memory.
See also: Secure Programming Cookbook for C and C++ by Matt Messier, John Viega [amzn.to] (Amazon Link, but don't pay $80 for it. Get the $15 used copy or safari it.)
(Score: 2) by ilsa on Thursday February 21 2019, @09:48PM
The thing is, if you have software sniffing the memory of other processes, then that means your computer is already compromised and you are already pretty screwed.
While this is an issue, it's an issue that takes effort on the part of the malicious actor to exploit. All in all, using a password manager is still FAR FAR FAR better than not using one.
(Score: 5, Insightful) by Rosco P. Coltrane on Thursday February 21 2019, @11:21AM (2 children)
Because it's fully contained in my noggin.
I just use a "password recipe", based on the username or domain name, the first letters of the first words of a poem I know, and a few simple math transformations, to create on the fly a fairly secure password composed of 12 alphanumeric characters + 2 special characters). Once you've practiced using a password recipe more than 10 times, it because second natures: the hands seem to type unique passwords on their own.
So, no need for third-party, potentially unsecure password managers.
(Score: 1) by Tokolosh on Thursday February 21 2019, @04:03PM (1 child)
How do you remember a different password for every site?
(Score: 2, Interesting) by DECbot on Thursday February 21 2019, @07:30PM
My_SoylentNew_PW-1fish2fishredfishbluefish
Numbers, uppercase, lowercase, symbols and length; what more do you want?
cats~$ sudo chown -R us /home/base
(Score: 3, Insightful) by driverless on Thursday February 21 2019, @11:21AM (5 children)
This is a classic case of a it rather involved being on the other side of this airtight hatchway [microsoft.com] security vuln: If an attacker has arbitrary code execution at the same privilege level as the user, they can steal their passwords. Other things they can do with these capabilities:
Nothing to see here except someone touting for security conslutting work. Move along, move along.
(Score: 2) by The Shire on Thursday February 21 2019, @11:45AM (4 children)
I disagree. This isn't a matter of having arbitrary code execution. The article notes that in several cases, dereferenced memory still contains the clear text passwords which can, in theory, be retrieved by a malicious service running in low privilege userspace. And certainly in the case they referenced where a system crash resulted in a memory dump to disk that contained clear text passwords, this information can be retrieved much later, say by someone working in administration or someone who is servicing the machine.
There's really no good excuse I can think of where a locked password manager would allow passwords, obfuscated or not, to remain in memory.
(Score: 3, Disagree) by driverless on Thursday February 21 2019, @12:07PM (3 children)
The former won't work because Windows zeroes pages after use [microsoft.com]. The latter is a non-vuln because to read the pagefile contents you need to be admin, at which point you can just install a keylogger or whatever else you feel like.
I realise that what some of the password managers are doing isn't really good hygiene, but it also isn't the major vuln that the article makes it out to be.
(Score: 3, Informative) by The Shire on Thursday February 21 2019, @03:59PM
Zeroing out the pages occurs later and clearly the analysts were able to extract the passwords from memory no longer associated with the process so there is sufficient time between the pointer release and the OS level purge. In at least once case, the password manager did not clear the password data from it's allocation before doing a free which results in available memory that still contains sensitive data - this is a flaw they should be able to easily correct.
As for the pagefile - in the event of a BSOD, a snap dump is made of the current memory state which includes this password data and is saved to either \windows\minidump or \windows\memory.dmp. These file can be accessed either later on or even from a system backup and the passwords extracted. Access to the pagefile itself is not needed.
There are security vectors being exposed here that we shouldn't just dismiss, and improvements to the existing password managers can be made to further mitigate them.
(Score: 3, Informative) by ElizabethGreene on Thursday February 21 2019, @04:53PM (1 child)
If you read TFTA, they call that out specifically and the thing you say won't work absolutely did. They were able to retrieve cleartext credentials and the master key from a crash dump or a locked running process that the Windows memory manager hadn't cleaned up yet.
(Score: 2) by driverless on Thursday February 21 2019, @11:04PM
Now we're just going round in circles, and you haven't read what I originally wrote. To bypass the Windows protection mechanisms, you need to either be Administrator or be running as the user with equivalent admin-level privs (SE_BACKUP, SE_DEBUG, etc). If the attacker is already Administrator on the machine or has similar privs that allow them to do whatever they want to the user then the presence or absence of a password manager is irrelevant, the user is screwed.
(Score: 2) by VLM on Thursday February 21 2019, @12:30PM
Given the option of:
1) Trust my cell phone provider not to F me over with 2FA, at least for "important financial stuff" (kinda a waste of time for online shopping sites using paypal or social media)
2) Trust no one to guess moron passwords like Password1-
3) Trust some 3rd party to store all my data and not get hacked themselves or MITM'ed or any person in the entire government or corporate structure of western civilization simply asking for the complete dataset.
4) Trust in my luck
5) Trust in gpg and a private git repo of encrypted files, one per site, with passwords looking like line noise generated by pwgen
I personally use a mix of 1 5 and 3. And I suppose 4, like everyone else.
I'm just not seeing a complicated problem like passwords being "fixed" by adding a theoretically corruptible and complicated 3rd party into the middle of the process.
(Score: 2) by bradley13 on Thursday February 21 2019, @02:25PM (1 child)
...is human. And I don't mean writing your passwords on a sticky-note, because if you use a password manager, then you don't do that.
What I mean is this: Here we are, with our auto-updating software: on PCs, on tablets, on phones. Whoever is behind a password manager could - theoretically - release a malicious update: next time you unlock the manager, it sends all your passwords to hackers in Elbonia. How much money would that be worth? Alternatively, how much extortion or blackmail? And how long would such an update remain online before it was spotted and brought down?
I use a password manager, and that is (imho) the biggest risk.
Everyone is somebody else's weirdo.
(Score: 2) by Snospar on Thursday February 21 2019, @04:23PM
But if your Password Manager is open source and included in one of the standard distributions then there are plenty of eyes on that code before it gets distributed to your machine. I still do manual software updates (regularly) just so I can peruse the list of packages being updated and my Password Manager would be one of the few that would make me dig down to the release notes.
I suppose the article seems focused on Windows software so the same level of control probably isn't available to those poor souls.
Huge thanks to all the Soylent volunteers without whom this community (and this post) would not be possible.
(Score: 2, Insightful) by Anonymous Coward on Thursday February 21 2019, @03:47PM
Yes, there is a security issue here.
But, it is also being overblown.
Compared to the "usual user" alternative of
the benefits of using a password manager far outweigh the security issues of #1 and/or #2 above that result from not using a password manager.
Yes, a bad guy might hijack your machine. But the probability of that happening is orders of magnitude lower than the probability of being hacked because of #1 or #2 above.
So using a manager, even with this risk, is a significantly lower risk endeavor than not using one.
(Score: 2, Interesting) by Anonymous Coward on Thursday February 21 2019, @04:22PM
My company did internal testing of several password managers and found some sad things. We'd unlock password manager, view a password, relock it, and take a memory dump. During testing we found the cleartext passphrase and/or cleartext passwords in the majority of the testing.
After the testing I use Password Safe. They seem to actually care about memory hygiene, and when we reported a weakness in it the maintainer had a patch committed in under two weeks. That's faster than we can get a patch out, and 10/10 awesome.
(Score: 3, Informative) by noneof_theabove on Thursday February 21 2019, @05:10PM
for a sports site, pick your most hated team, useless player name and poke in some symbols/numbers
tony:cowboys9Roma
this can be replicated for anything as it something that only you know
like a food site use the best and worst food you like --- chocolate!liver1icecream
There is also a web site that has mapped the entire world with 3m x 3m [10ft x 10ft]
with random 3 words and is not repeated anywhere. Even foreign countries have their own
list not the english translation.
Then find something place that only you know, again related to the website, and pick one of the squares
[my house is on 0.3 acres and has some 180 squares]
what3words https://what3words.com/ [what3words.com]
a good place to test and very technical explainations if Steve Gibson's GRC website https://www.grc.com/haystack.htm [grc.com]
you can get a xkcd random words from which I consider harder to remember as there is no relationship to the website
and here is the techie explanation for all the above
xkcd https://xkcd.com/936/ [xkcd.com]
(Score: 2) by Gaaark on Thursday February 21 2019, @09:35PM (2 children)
4 long words, not going together in a common way ( no chocolateicecreamisgood)
Site identifier
Stick in a number/character
Mis-spell a word
Make the 4 words as long as possible
My passwords are often 25-30 characters long, each one unique.
IMPORTANT ones I do not trust to external systems (someone else's server that can be hacked) except the site itself...ie, a bank. If the bank is hacked, I'm screwed but the bank will reimburse me if it knows what is good for it.
I do keep a little black book, but it is not beside my computer: my computer is stolen, good luck to you trying to hack me.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 2) by NotSanguine on Thursday February 21 2019, @10:35PM
Those are good suggestions.
I use lines from poems/adages/songs, etc. and modify them to make them unrecognizable to dictionary attacks. I also include punctuation and capitalization.
For example:
In the drone where I what burned.
or
I've got blings to dew and polemics to cheap.
And I keep them in the best password manager I can find. My brain. It's not open-source, but it is relatively unhackable without a million dollar cluster for decryption [xkcd.com]
The key is that they're long, not easily guessed via a dictionary attack (even with a phrase dictionary) and easy to remember.
What more could one want?
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by pipedwho on Thursday February 21 2019, @10:42PM
Only 4 words long?
Mine are 7 words long and 6 characters around. I vary technique to avoid it being too predictable. Tantric breathwork is important too.
Oh wait. Were we talking about passwords?