Given today's high-profile NYT article on the hack at LastPass ( https://www.nytimes.com/2023/01/05/technology/personaltech/lastpass-breach-password-safety.html?searchResultPosition=3 ), can you share any comments/lessons learned?
Any recommendations re their advice to: "Instead, I keep my own copy of my vault on my computer and in a cloud drive that I control myself. You could do this by using a cloud service such as iCloud or Dropbox." Didn't we used to be able to do this on 1PW?
["LassPassword" corrected to LastPass by moderator]
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Hello @BigDoggies! 👋
For me, the biggest takeaways from that article serve to underline the amazing practices and security features that 1Password has implemented to protect everyone's data. Before I dive deeper I really recommend reading this blog post from our Principle Security Architect which addresses many of the points brought up in the article that you linked to: Not in a Million Years
Now that being said, there are a few practices that make 1Password's security special and I'll draw attention to them in relation to the article that you posted:
1Password encrypts all of the data in your account
All of the information that you save in 1Password is end-to-end encrypted using a private key derived from your account password and Secret Key so that all that we see on our end are encrypted blobs of gibberish. You can read more about what we know and don't know about users here: What we (don’t) know about you | 1Password
We encrypt all fields so that, even if the encrypted blobs were stolen, attackers wouldn't be able to learn anything about the information you have saved in 1Password.
Your 1Password data is protected using both your account password and Secret Key
As mentioned in the first point, your 1Password account data is protected and encrypted using a secret that is derived from both your account password and your Secret Key. A regular user's password is usually about 40 bits of entropy (a measure of how strong a password is) because passwords need to be memorized, this puts a ceiling on the security of any solutions that are protected by just a single password. On the other hand, the Secret Key (which does not have to be memorized) has 128 bits of entropy which makes it impossible to guess or crack using today's technology.
Your account password and Secret Key are never sent to us
The encryption that protects the items that you save in 1Password is designed so that even we are unable to decrypt your vault even if we were compelled to do so and even if a user themselves writes in asking us to give them access if they've lost their account password or Secret Key. There's nothing that we can do to decrypt a user's vault.
The reason for this is due to the fact that the account password and Secret Key never leave your device and they are never sent to us. Instead, we use the SRP handshake protocol to authenticate your account without ever sending your account password or Secret Key over the internet. You can read more about SRP here: How Secure Remote Password protects your 1Password account
Standalone vaults were used before we introduced 1Password accounts and relied on third-party services like iCloud or Dropbox for sync which caused issues when those third-party service changed their API, updated their apps, or went offline. We ran up against the limits of standalone vaults and what they could support technologically and we introduced 1Password.com to push what 1Password can do forward.
Most importantly, 1Password account vaults are much more secure than those older standalone vaults. Standalone vaults were protected using only a singular password which, again, is usually about 40 bits of entropy. The old standalone vaults also didn't include the advanced security features that are available with a 1Password.com account:
There is one piece of advice that I would quibble with from the article:
I personally wouldn't recommend keeping that exported spreadsheet file stored on your devices. Any exported or printed copy of your passwords will be in plain text and so will be readable by anyone who views it. If someone does export their items then they should import those items into the password manager of their choice and then securely delete the spreadsheet file from their device. Encrypting the spreadsheet file itself is another option.
I hope that helps. 🙂
Many thanks for the insight!
The NYT article is behind a paywall but I am not a fan of mass media articles of these types of events. Since I am directly affected by the LastPass breach I have tried to locate articles by experts to help me asses the risk. The links to these are below. First some commentary.
The latest is Leo LaPorte's Jan 4th interview of Steve Gibson on the Security Now! podcast entitled "Leaving LastPass." I have followed Steve since he left Apple and Atari in the 80's to form GRC.com and developed "Shields Up" and "SpinRite." He used to use/recommend LastPass but is leaving it and recommends 1Password (although he is moving to another as he likes open systems)(I am not a fan of such for a password manager).
Start at the 22 min. mark. There's also a transcript. There's also a script to down your own LastPass blob so you will know exactly what the thieves grabbed.
Next is the "well known password cracker," Jeremy Gosney
He is a core developer of Hashcat, a popular OpenCL-based open source password
recovery tool, and widely regarded as one of the world's top password crackers:
named one of the "Top 100 Security Experts" in 2013.
one of the winners of Cloudflare's Heartbleed challenge, and
one of the first to publish a working private key recovery exploit for Heartbleed.
featured in hundreds of news articles, and
served as a judge on the Experts Panel for the Password Hashing Competition.
His rant is here:
And finally there is Wladimir Palant. Software developer and security researcher, browser extensions expert. Founder and CTO at Adblock Plus and Founder and CTO at eyeo.
His four recent LastPass blog posts:
Reader View / Mode is your friend.
It's my pleasure. 🙂
Thanks for posting those interesting links! I'm an occasional listener of Security Now with Leo Laporte and Steve Gibson myself and it's always exciting when they mention 1Password.
I also wanted to bring everyone's attention to a new blog post from our Chief Technology Officer: How 1Password Keeps Your Data Safe, Even In the Event of a Breach
I am happy to learn my post survived moderation. I realize it may be more than most reader want to wade thru. Even so and despite my being just an ordinary user rather than a crypto security expert I am unclear why I should be just reading rather than posting.
I am still in my 14 day 1PW trial and thinking on how to design it as my LP replacement. My LP master pw was in excess of 25 characters using random lower, upper, numbers and symbols with an entropy in excess for 140, But alas I was in the 5000 iteration group. Hopefully the over the top password will offset the lower than current recommended iteration counts.
I want my 1PW to be even longer and to perhaps include non easily typeable symbols like the divide sign (÷) to further expand the character set. A more difficult password will become feasible/useable as I have set up 1PW to be unlocked by Hello fingerprinting and on my Titan M Androids so hopefully I will never has to manually input it again.
Is there a technical explanation of how the secret key differs from how the common previously used salting or padding of the chosen pw practice differs from the secret key? Were the salt or padding tables not as long or random as the secret key?