How to deal with possible loss of older vault copies?
I'd like to take up this topic again: https://discussions.agilebits.com/discussion/68933/im-concerned-about-the-drop-box-hack-and-if-my-1password-data-is-safe#latest
I've been using 1Password for a few years now and it's time to change the master password. But how do you people deal with the following problem: if someone has ever captured a copy of my vault, e.g. via the breach at Dropbox, AgileBits says my data is safe because of my master password. But once a copy is captured, one is able to brute-force either the master password or just break through the encryption. So in theory, if I change my master password, I'd need to change ALL of my passwords at once, because otherwise the passwords are effectively unchanged because of the outlined problem.
Why is AgileBits not making this very clear in their docs and hints in the apps? Or am I missing something?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
@ohcibi: Excellent question! In fact, no one is in a position to brute force your Master Password to access your data within your lifetime (unless you are using a very predictable Master Password, and even then they're probably not going to get it quickly due to the slow speed of guessing thanks to PBKDF2). Using a long, strong, unique Master Password (further strengthened using PBKDF2) mitigates this for the foreseeable future. This gets into the weeds a bit off track of what you're specifically asking, but a previous discussion goes into the limits of our collective ability to even compute. I guess what I'm getting at is that the only truly practical way for someone to get into your vault would be to know your Master Password, likely through social engineering (or more sinister means of extracting information). And I guess to answer your question more directly, in that case, you would probably want to change all of your passwords -- after changing your Master Password, of course. I hope that helps at least to put things into context, but I'm excited to see where this discussion goes. :)
0 -
Thanks for answering so quickly @brenty. So what you are basically saying is, cracking the password (granted it's at least 8-10 chars long and alphanumeric, case sensitive) is as hard as cracking the encryption itself, which means that one can follow a "normal" change-password-every-few-months policy for all passwords in the vault and just change the vault password itself independently from this, as the time needed to crack the vault gives a long enough window where one can change his passwords successively?
0 -
I forgot to add that I'd say you should give a very clear hint to users when they first create their master password. Maybe even demand at least 10 chars.
0 -
Thanks for answering so quickly @brenty. So what you are basically saying is, cracking the password (granted it's at least 8-10 chars long and alphanumeric, case sensitive) is as hard as cracking the encryption itself, which means that one can follow a "normal" change-password-every-few-months policy for all passwords in the vault and just change the vault password itself independently from this, as the time needed to crack the vault gives a long enough window where one can change his passwords successively?
@ohcibi: You're welcome! I'd suggest that 8-10 characters is probably too short though, for a few reasons. Okay, maybe two:
- If you're generating a random word-based password (a great idea, since they're easy to memorize, type, and have great entropy), it should really be at least 4 words long, and 5-7 is good for future-proofing.
- A non-random password of your choosing is going to be easier to guess, so we want it to be at least as long as one you'd generate, and longer is even better.
However if you're talking about a fully random, character-based password, that will be stronger...but also harder to remember or easier to forget (depending on your perspective). So we really need to take into account how a password will be used.
I forgot to add that I'd say you should give a very clear hint to users when they first create their master password. Maybe even demand at least 10 chars.
While it isn't perfect, I think the password strength meter does a pretty good job of illustrating how good your password is, with a sickly yellowish colour encouraging you to press on further into green. ;)
But, going back a bit, I think we need to draw a distinction between the Master Password (which I've been talking about up until this point) and the passwords we use to log in to websites. The former needs to be memorized and entered manually, but the latter shouldn't be subject to either of those and, as a result, can be long gibberish. There are exceptions (website breach, "security" policies), but for the most part, you should never need to change a password for one of your logins once you've generated a random one of 20 or more characters, as these are truly uncrackable on a human timescale. Changing a password once a month is, in most cases, just making more work for yourself though.
0 -
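As an added illustration of the two points above (the PBKDF2 slowdown in the first reply, and word-based versus character-based Master Password strength here), not code from the thread or from AgileBits: it estimates entropy for the password shapes discussed and shows how a KDF work factor divides an attacker's guess rate. The wordlist size, alphabet size, attacker speed and iteration count are all assumed values for illustration, not 1Password's real parameters.

```python
import hashlib
import math

# Constructed illustration values, not 1Password's real parameters:
# a 7776-word Diceware-style list, the 62-symbol alphanumeric alphabet the
# poster mentions, an assumed attacker able to compute one billion HMAC
# blocks per second, and an assumed PBKDF2 work factor of 100,000 rounds.
WORDLIST_SIZE = 7776
ALPHANUMERIC = 62
HMAC_PER_SECOND = 1e9
PBKDF2_ITERATIONS = 100_000


def random_chars_bits(length, alphabet_size=ALPHANUMERIC):
    """Entropy of a uniformly random character-based password."""
    return length * math.log2(alphabet_size)


def random_words_bits(words, wordlist_size=WORDLIST_SIZE):
    """Entropy of a uniformly random word-based password."""
    return words * math.log2(wordlist_size)


def expected_years_to_guess(bits, iterations=PBKDF2_ITERATIONS,
                            hmac_rate=HMAC_PER_SECOND):
    """Expected time to guess a password of `bits` entropy (half the keyspace
    on average) when every guess costs `iterations` HMAC computations.
    The KDF simply divides the attacker's guess rate by its work factor."""
    guesses_per_second = hmac_rate / iterations
    seconds = (2 ** bits / 2) / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


def derive_key(master_password, salt, iterations=PBKDF2_ITERATIONS):
    """PBKDF2-HMAC-SHA256: the slow step that makes each guess expensive.
    An old vault copy stays bound to the key derived from the old password,
    so changing the password re-keys only the copies written afterwards."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)


if __name__ == "__main__":
    for label, bits in [("4 random words", random_words_bits(4)),
                        ("10 random alphanumerics", random_chars_bits(10)),
                        ("5 random words", random_words_bits(5)),
                        ("7 random words", random_words_bits(7))]:
        print(f"{label:24s} {bits:6.1f} bits  ~{expected_years_to_guess(bits):.3g} years")
```

Under these assumptions a 10-character random alphanumeric password sits between 4 and 5 random words, and doubling the PBKDF2 iteration count doubles the expected guessing time without the user remembering anything more.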
So what you are basically saying is, cracking the password (granted it's at least 8-10 chars long and alphanumeric, case sensitive) is as hard as cracking the encryption itself ...
Actually, "cracking the password" and "cracking the encryption" are for all intents and purposes exactly the same thing. Unless you mean breaking the math behind the encryption. But that's an entirely different story.
0 -
@brenty of course I meant fully randomly generated passwords of at least 10 chars in length. A word-based password with 10 chars is of course too short...
While it isn't perfect, I think the password strength meter does a pretty good job of illustrating how good your password is, with a sickly yellowish colour encouraging you to press on further into green. ;)
Sure thing, but I wasn't really after the password length in this regard. What I meant is that you should stress the fact that changing a weak password afterwards is of little use unless all stored passwords are changed as well (as I outlined in my first post) and that one should really use a strong password right from the beginning.
But it's been a few years since I set up my vault, so don't bother if 1Password is doing that already.
@pervel I don't know what you want to say. I meant guessing the password when I wrote cracking, but that doesn't really matter for the original discussion.
0 -
@ohcibi, well you compared "cracking the password" and "cracking the encryption" as if these were two different things. My point was just that this is essentially the same thing. That is, the way a hacker will break the encryption is by cracking (or guessing or brute-forcing) your password. But if my comment caused confusion, just ignore it. :)
0 -
@brenty of course I meant fully randomly generated passwords of at least 10 chars in length. A word-based password with 10 chars is of course too short...
@ohcibi: Thanks for clarifying. While it can certainly be done, I'd be lying if I said I'd generated a random character-based password to use as my Master Password. I use something word-based and longer, since I can remember and type it -- especially on mobile devices.
Sure thing, but I wasn't really after the password length in this regard. What I meant is that you should stress the fact that changing a weak password afterwards is of little use unless all stored passwords are changed as well (as I outlined in my first post) and that one should really use a strong password right from the beginning. But it's been a few years since I set up my vault, so don't bother if 1Password is doing that already.
I think this goes back to the infeasibility of breaking into the vault in the first place. Certainly if this happened, you'd need to take precautions in case the accounts inside were compromised, but again this requires someone to have access to your vault and the technological means to break into it before everyone concerned has moved on...and I don't see that 1Password could know any of this to make a recommendation based on this unlikely scenario. So I think the approach we've adopted (reflecting password strength back at the user during creation) is more practical, given that it applies to everyone equally and offers real-time, actionable feedback. But certainly another thing to take into account when changing your Master Password is that any backups you've kept of your data will still be accessible using the old one.
@pervel: I'd treat "cracking the encryption" differently, as it seems to imply finding a weakness to make things easier. So far that isn't the case with AES after ~20 years. "Cracking the password" though, as you note, implies finding a weakness in the password, insofar as it is able to be guessed programmatically in a reasonable amount of time; but you're right that the end result is the same: access to the data. Ultimately an attacker doesn't care how they get there, only that they are able to.
0 -
@pervel I was making the same distinction as @brenty just did. We as customers cannot do anything about AES except for maybe asking AgileBits to use something different, and I simply wasn't after that at all with my question. But we can do something about the passwords we use. So my post was about password concerns only and shouldn't be a general discussion about the encryption strength or so of AES.
@brenty my point was simply to add (not to replace anything) a note that stresses the importance of a strong password even for the first use and the implications of changing a weak password afterwards, which are different from changing a normal weak password. First-time users might overlook that. But again: I meant that as an additional note/hint and not as a replacement for the already excellent setup.
Let's not make this too complicated 8-). My master pw is fine and my question is essentially answered. I was just giving an idea of how to improve the security awareness of the users even more than is already done.
0 -
my point was simply to add (not to replace anything) a note that stresses the importance of a strong password even for the first use and the implications of changing a weak password afterwards, which are different from changing a normal weak password. First-time users might overlook that. But again: I meant that as an additional note/hint and not as a replacement for the already excellent setup.
@ohcibi: Ah, understood. Thanks for the feedback! It's certainly something we can consider. But I think we need to take into account that someone ignoring the graphical password strength meter's feedback is probably not going to read the text we have there now, much less any more that we add. We'll see what we can do though.
0