Secret password and master password security
So I will try and explain my question...
So there are 2 different spots to put in the secret password and the master password. So let’s say you guys have a breach, how will attackers see this? Will they see 2 different spot for passwords? Or is the master password an extension of the secret password?
So do they see:
Secretpasswordmasterpassword
Or
Secret password
Master password
Does this make sense?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @prime,
Neither of these values are transmitted to 1Password.com, so even if someone were able to break into our systems they would not see the Master Password nor Secret Key. If an attacker could see them, that would imply that we would be able to see them too, and when we designed the system that was a position we never wanted to be in.
Ben
0 -
How would they try and brute force? Do they brute force 1 password/key (a combo of the master password and secret password), or 2 different areas to attack?
I think the answer to this may depend on the attack vector. Are they trying to obtain the encrypted data from the server via brute force, or have they stolen the encrypted data from an authorized client device/app? In the latter case: if they have enough access to steal the encrypted data from you, then stealing the Secret Key is trivial, and your Master Password is what would be protecting you. If they are trying to steal from the server then they'd need both.
Ben
0 -
Let me clarify that for the specific question you asked, @prime. Your Master Password and the Secret Key get blended together. So for the purposes of your question is it "SecretKeyMasterPassword", thought that is not exactly how they get blended together.
And this provides the basis for what Ben said.
- If an attacker gets at your encrypted data from your system they have to guess your Master Password (because they will already have the Secret Key)
- If an attackers gets at your encrypted data from our server, they have to guess the combination of your Master Password and Secret Key
What this means in the later case is that if they somehow guess one or the other (but not both) they will not know that their guess was successful. This is why we do the combination of them instead of making them two separate checks. But I suspect you knew that when you asked your question.
0