Why do master passwords for old version 3 for iOS not need to be as strong as those on the desktop?
In a blog post from AgileBits in 2011 on 1Password master passwords, the following statement is made:
"This discussion applies only to 1Password data on the desktops or stored in the cloud. Master passwords for 1Password on iOS do not need to be as strong as master passwords on the desktops."
Why is this true? If someone gets hold of my iPhone or iPad where 1Password is installed and synced with my Mac's desktop 1Password, don't they then have access to all the same data they'd get? Or is the difference that they wouldn't have access to the datafile itself, so wouldn't be able to attack it as easily?
Comments
-
Art, I'm so incredibly sorry for not replying sooner. I thought I already had. I've contacted our Chief Defender Against the Dark Arts (Jeff who wrote that post you're referencing) and hope to have a "real" answer shortly. I just want to make sure you know that we saw your post and are not ignoring you. :)
PUZ-13425-537
0 -
Hi Art,
First some background: The data format that is used on the desktops (and stored on Dropbox) works well on certain kinds of file systems, but would be painfully inefficient if it were to be used directly on iOS. So 1Password actually "translates" the 1Password.agilekeychain into something that it can use efficiently on iOS. In 1Password 3 on iOS this could be encrypted using the Master Password on iOS.
The advice that Master Passwords don't need to be as strong on iOS than for the 1Password.agilekeychain was based on the assumption that it would be harder for an attacker to steal a copy of the 1Password data from a phone or iPad than from your desktop or Dropbox. This is still true (as long as you use a passcode lock on your phone). The general iOS security makes it harder to get data off of it than it is to get data off of a stolen computer.
Several things have changed that now tip to balance to use using the same Master Password everywhere. One is that we don't want to rely quite so heavily on iOS security in general. A lot of people don't use device passcodes, and the range of attacks on iOS devices is growing. By using the same Master Password everywhere, we don't have to store obfuscated forms of the Master Passwords in the iOS keychain for automated synching.
And while it remains true that it is still harder to get data off of a stolen phone than off of a stolen computer, phones get stolen much more frequently. And so that needs to factor into relative risks.
Another thing that changes the relative risks of getting data off of different sorts of devices is that modern operating systems now have good, easy to set up, full disk encryption (FileVault 2 on OS X, Bitlocker on Windows). As more people configure their desktop computers with these the difference in "ease of getting data off of a stolen device" is reduced.
As you can see, straight forward security questions often have not so straight forward answers. But I'm happy to clarify any of this.
Cheers,
-j
–-
Jeffrey Goldberg
Chief Defender Against the Dark Arts @ AgileBits
http://agilebits.com0 -
Jeffrey - thanks. The energy and time you guys are willing to put into this forum to help us all with security is really admirable.
I get the point. I also read from the links you provided and saw the following comment (written by you, I think, about a year ago)
"...The Master Password that I use on Mac and Windows is complex enough to be entirely unusable on an iPhone. This means, however, that my Master Password on my iPhone and iPad are substantially weaker than what I use on the desktops...I think you're saying that ideally one would use the same Master Password on all devices, the iOS AND the desktop/laptop ones. Of course the problem with this--as you note-- is that it is much more cumbersome to type complex passwords on an iPhone or iPad than on a desktop. I don't think I'd be willing to do it, as often as I currently refer to 1Password on my iPhone.
0 -
Art,
Thanks for the feedback, and the kind words!
Yes, either the same password or one of equal strength would be ideal, but as you mention many folks are unwilling to do that. It is simply overly cumbersome to type a super complex password on a mobile device whereas keys are much more accessible on a desktop/laptop keyboard.
There is always a compromise and a balance between security and usability/convenience. The strongest safe in the world is one that is impossible to open. But that isn't very practical. 1Password tries to have some of that balance built-in, but when it comes to how strong of a Master Password to use, that balance is entirely up to you.
Thanks!
Ben
0 -
Thank you for this explanation, I was also wondering about this sentence in your article.
There is still one thing you don't mention —at least not in the articles I read— that I'm not really sure about. In iOS, there is a setting for the delay the device waits before asking the password. What is the real influence of this setting on the security, according to your expertise? Sorry if it's a dumb question, but it always feels a little counterproductive to try to find a strong password with those kinds of settings, but maybe I am just being paranoid...
Anyway, thanks a lot for your incredibly useful articles. I try to educate myself and my friends about passwords, and you've been really helpful! I think I'll end up translating in French your whole blog to allow my friends and family to have access to the most precise informations about security I know.
0 -
I, too, would like to know the answer to iChe's question. I had previously said to Request After 10 minutes but this got negated by me also turning on the Lock on Exit toggle. So each time I went back and forth between apps, I would have to reenter the Master password. What do you guys at AgileBits actually set your iOS 1Password settings to? Do you use the Quick Unlock Code option, which seems even less secure? I'd love to know what you guys do.
I just spent about an hour upgrading my Master password into what I hope is a very secure password. It's long but I followed the directions/suggestions in your Master password blog entry along with the ReadMe file that came with one of your suggestions you linked to in your hashcat blog post. I've spent an hour just repeatedly unlocking my Mac 1Password app as well as my iPhone app so I can learn it. Then I read this thread about the possibility of having a different Master Password on my iOS devices. I didn't know that was even a possibility and as was pointed out above, a shorter iOS password is less secure. So even though my password now nearly takes 40 keystrokes on my iOS device, I will continue to carry on and see if it drives me completely up a wall when it comes to real world use.
0 -
…thanks a lot for your incredibly useful articles. I try to educate myself and my friends about passwords, and you've been really helpful!
Thank you for your very kind words, @iChe!
I think I'll end up translating in French your whole blog to allow my friends and family to have access to the most precise informations about security I know.
Let us know if you post them somewhere. Perhaps we can incorporate links into the existing blog posts. No promises, but at the very least it would be great to see them and link to them when supporting other French-speaking users. :)
What do you guys at AgileBits actually set your iOS 1Password settings to? Do you use the Quick Unlock Code option, which seems even less secure? I'd love to know what you guys do.
@millca: The Quick Unlock Code reverts to prompting for the Master Password after just one failed attempt, so it is not feasible to brute force it. One only gets a single chance to get it right. :) I personally use the Quick Unlock Code with the "Lock on Exit" option enabled, so I always have to enter at least my Quick Unlock Code when opening or switching back to 1Password on my iOS devices. In practice, I usually only have to enter the Quick Unlock Code since I use 1Password often enough, but if I restart my device or iOS "manages 1Password out of memory" then I do need to enter my full Master Password.
You can read more about the Quick Unlock Code and how it is designed to work in the User Guide. Reading that may help you get a better idea of what sort of Security settings you want to use.
I hope that helps. Please let me know.
0 -
@iChe asked a really great question
What is the real influence of [the Request After] setting on the security, according to your expertise?
The short answer is in practice having 1Password locked with the QUC is nearly as secure as having it locked with the Master Password. But this wouldn't be the case if 1Password didn't require the Master Password after it is completely shutdown.
Now for the not so short answer:
Request After for Master Password.
When you enter your Master Password, 1Password computes an encryption key from it.1 I'll call this the master key. The master key is then used to decrypt portions of your data as needed.2 1Password, when it is unlocked, will hold the master key in its memory. With the master key in its memory, it can do all of the stuff that you expect it to do when unlocked.
The "Request After" setting for the Master Password is telling 1Password when it should forget the master key. It will always forget the master key when the program fully stops (for example when the phone is turned off). Setting to "Never" means that 1Password won't deliberately forget the master key, but it will forget it when the program is fully shut down.
Request After for Quick Unlock Code
Suppose you have switched away from 1Password because you want to show someone the pictures of your cat on your phone. 1Password hasn't forgotten the master key, but you don't want the person you've handed your phone to to be able to switch back to 1Password. If you have this set to "On Exit" it means that when you switch away from 1Password, you will need the QUC to get into 1Password again.
If someone enters the QUC incorrectly, 1Password will immediately forget the master key. And so the only way that any of its data can be decrypted is if the Master Password is entered again.
Security differences between QUC and Master Password.
We can consider three different states 1Password can be in.
- Fully unlocked
- Requires QUC
- Requires Master Password.
In state 2 1Password will still have in its memory the master key. So under some extremely limited (but not completely impossible circumstances) if someone could get hold of your phone and manage to run a memory dump on it during that time (without having to reboot the phone) then in principle they might be able to extract the master key. That is not a threat that I worry about at all, but it is the security difference between the states 2 and 3.
So in practice having 1Password locked with the QUC is nearly as secure as having it locked with the Master Password.
I hope that this gives a fuller sense of what is going on behind the scenes.
Cheers,
-j
–-
Jeffrey Goldberg
Chief Defender Against the Dark Arts @ AgileBits
http://agilebits.com0 -
Thank you khad and Jeff for your responses. Glad to understand a whole lot better what is going on in the background of 1Password on iOS. This is an amazing piece of software and I'm continually being blown away by how well thought out all of its security features are. It makes recommending the app so much easier.
0 -
Thank you both for your answers. I'm all better now!
Since we're talking about the QUC, don't you think it would be more effective if we had a numerical keyboard on the iPad while entering the QUC, like we have on the iPhone? What I mean is, for me, when I enter passwords with numbers, I don't really think about the numbers themselves, I just know how my finger “dances” on the screen. On the iPad, I can't use that because the numbers you show us are aligned, instead of being on the traditional 3 by 3 numerical keyboard. I understand that it would mean redesigning a little, since the iPad has a wide screen, and we wouldn't want the 3 by 3 keyboard to be stretch horizontally, but still, I would be a great feature, I think.
@khad I would be very honored to give you my translations if that can help you spread your knowledge about security and password to French-speaking users, and soon-to-be users too.
0 -
… don't you think it would be more effective if we had a numerical keyboard on the iPad while entering the QUC, like we have on the iPhone?
Yes. :) This is something that is on our list, but I can't say when/if it will be available.
@khad I would be very honored to give you my translations if that can help you spread your knowledge about security and password to French-speaking users, and soon-to-be users too.
Great! You can send me links and info via PM if you like. I'm always available.
Cheers!
0 -
Of course, right now since it does not have the numeric keypad on the QUC, an attacker has more possibilities to guess at, therefore better security, I presume.
Thanks for all the info re. QUC. Now I feel comfortable using it.
What about these devices that law enforcement (and presumably others) can use to dump your phone data? Do they work on an IOS device that may still have the master password in memory?
Thanks, Richard0 -
Of course, right now since it does not have the numeric keypad on the QUC, an attacker has more possibilities to guess at, therefore better security, I presume.
Perhaps an attacker who had no knowledge of the app and didn't know what "Enter Quick Unlock Code" meant. I wouldn't put much stock in that. :)
What about these devices that law enforcement (and presumably others) can use to dump your phone data? Do they work on an IOS device that may still have the master password in memory? Thanks, Richard
Good question. I'll check with Jeff for the specific details.
0 -
I can't claim to have carefully analyzed all of the tools that are available. In those cases where I have looked, I've found that their marketing material and press releases can leave one with an exaggerated sense of their capabilities.
My understanding is that getting a memory dump requires first jailbreaking the phone and then installing your memory dump software on it. A jailbreak requires a reboot, and so anything in 1Password's memory will be gone by the time the jailbroken device is booted.
As I said, I haven't reviewed everything and every claim out there, but I am reasonably confident a jailbreak (involving a reboot) is required to be able to dump memory.
You might wish to take a look at this article on the claims of one such tool, including advice on setting a device passcode.
http://blog.agilebits.com/2012/03/30/the-abcs-of-xry-not-so-simple-passcodes/
Cheers,
-j
–-
Jeffrey Goldberg
Chief Defender Against the Dark Arts @ AgileBits
http://agilebits.com0