
Should you be concerned about LastPass uploading your passwords to its server? - arthurfm
https://palant.de/2019/03/18/should-you-be-concerned-about-lastpass-uploading-your-passwords-to-its-server/
======
jzl
The threat scenario described by the article: If someone within LastPass
wanted to gain access to your passwords (e.g. rogue employees, or via court
order) there is a way that the extension could be made to upload your vault
key back to LP _if_ you click on certain things within the extension, namely
some parts of the preferences, or something like that. Any such change would
be publicly detectable, but could theoretically be targeted to avoid
widespread notice. So in other words, the vault itself is not fundamentally
flawed, but the design of the current extension doesn't proactively firewall
against LastPass turning into a bad actor.

My $.02: Given that all the cloud-based password managers have their own phone
(and even desktop) apps, this seems like a moot point since a bad actor could
push out an app update that does anything with your keys anyway.

As a long-time LastPass user I appreciate this kind of analysis, but this is
just not something I have enough cycles in the day to let bother me. BTW the
last time I opened my preferences was 3 years ago. LastPass is quite open to
scrutiny and what's important is how responsive they are to new findings --
very responsive, from everything I've ever seen. Including many findings from
the author of the article.

By far the biggest problem with LastPass is that it sometimes just doesn't
apply (or misapplies) the password or username to the appropriate form
entries, and I have to go find it and copy it. Occasionally it also misses the
saving of a new password (that it generated) and I have to put it in the vault
by hand. I suspect this is a really hard problem given the massive variety of
forms out there, but would be curious to hear if other password managers
_never_ have these issues.

~~~
vezycash
The user experience declined slightly after LastPass got acquired.

For a year or two, lastpass for Firefox didn't have the copy option for
usernames and passwords. I had to edit, show password, then copy.

The autofill problem became pronounced after the acquisition as well, probably
through no fault of the new owner. Many sites like Google and Microsoft have
switched to a multi-step login process where the username is entered first and
the password is entered on a different page.

Also a proof of sites abusing autofill & hidden forms to steal passwords
probably influenced the current situation.

~~~
nukeop
Just use Bitwarden now. It has everything Lastpass has, used to have, and
more. And most importantly, you can run your own server.

~~~
bananaoomarang
Also switched to Bitwarden the other day and it's far superior. None of the
irritating bugs Lastpass extensions/integrations had, works perfectly on
Firefox, Android, 'web' etc. In general it feels a lot less clunky and its
Firefox addon for instance has many more quality of life features.

------
gcommer
I recently made the switch from LP to bitwarden and have been incredibly happy
about it. I can self host everything + the autofill and UI polish (browser
extensions, mobile app, CLI) is much better. AND it's FLOSS ((A)GPLv3).

Even including the self hosting setup, my all-in migration time was <30
minutes.

I looked through a ton of other options like keepass and the author's own PfP.
But mobile, web, and yubikey support are all very important requirements for
me.

~~~
donkeyd
In the comments on the article, someone asks about Bitwarden. The author
mentions there's a possible vulnerability, but in-depth research isn't worth
it, because he doesn't get paid for reporting vulnerabilities. This scares me
about all these 'better than Lastpass' open source alternatives. First, they
tend to get less attention from the infosec community. Secondly, I need to
make sure to properly secure the server I'm running it on myself, which I'm
not 100% sure I can do myself, nor most developers I've worked with, let alone
any person not working in IT.

~~~
htfy96
Bitwarden paid for a third-party security audit last year and no major issues
were found.[0] They also have their own bug bounty program at [1].

[0]: [https://cdn.bitwarden.net/misc/Bitwarden%20Security%20Assess...](https://cdn.bitwarden.net/misc/Bitwarden%20Security%20Assessment%20Report.pdf)
[1]: [https://hackerone.com/bitwarden](https://hackerone.com/bitwarden)

~~~
org3432
Audits can be hit and miss. I’ve seen high quality code review companies just
miss major and obvious mistakes in the security by simply not tracing the
execution logic step by step in critical code sections and instead just
scanning the code for common known mistakes based on code fragment matching.

~~~
craftyguy
> Audits can be hit and miss,

The same could be said for proprietary applications, which may never see third
party audits because 'meh, customers have no access to our source and IP
protection or something'

------
pinjiz
Password managers like LastPass and 1Password have a significant advantage
over offline database tools like KeePass: You can easily share individual
passwords with your co-workers in a somewhat secure way.

KeePass for instance lacks the ability to do just that. You can either a)
share the entire database or b) use multiple databases with different
passwords. However, a) is not secure as your co-workers get access to
passwords they do not need and b) is very inconvenient.

LastPass (or 1Password, Bitwarden) makes sharing individual passwords within
your team very easy, convenient and secure enough. You can create shared
folders and define permissions to access those by certain members of your
team, and most importantly, deny access to other members. Is there any offline
based password manager that allows you to do that (and is usable by the
average Joe)?

~~~
trickstra
When is it a good idea to share a password with someone anyway?

~~~
geofft
Some scenarios I have seen:

- You have a social media account that a group of people should be able to
access. (Facebook does this "right," in that pages don't have their own login
credentials, and you go through your personal Facebook account to access the
page. But I kind of wouldn't want to use my personal Facebook account for
work, anyway. Twitter, Instagram, Reddit, etc. treat each account as its own
log-in-able entity.)

- You have an AWS account where you want to avoid a single point of failure
for the root credentials. Yes, each person should use their own IAM creds for
day-to-day use, but if person X is unavailable person Y should be able to get
to things. (And for casual projects, "learn about IAM" is a significant burden
over "learn how to upload pages to S3" for limited benefit.)

- You have a web hosting account from someone who's not AWS who gives you a
single username and password. Or a DNS registrar account (most registrars I've
seen don't let you split up access). Or whatever.

- You have a shared email account for replying to things as a team, or even
for just archiving emails. Again, some systems do this "right" - if you're
using Exchange, you can allow one user to access another user's inbox. But
most people aren't on Exchange, they're on something like Gmail.

- You have an account for some service where you shouldn't be sharing
passwords according to the service, but doing so is strictly in the service
provider's benefit, not yours. Netflix is the canonical example.

~~~
sneak
Your root AWS account should have 2FA, and storing TOTP seeds in your cloud
password manager makes it 1FA.

~~~
geofft
I have 2FA on my shared AWS account - my project partner and I both scanned
the QR code at the same time. (You should be backing up your QR codes anyway
in case you lose/break your primary phone; scanning it simultaneously with a
secondary phone is a great approach for this.)

Even if this weren't possible, it would still be better to use 1FA than to
arbitrarily pick one person to have root account access and lock the other
person out simply because you "should" have 2FA.

------
grewil2
I am using pass - the standard unix password manager. It's simple and just
works. It's built on gpg and git, and resides on any disk you like.

[https://www.passwordstore.org/](https://www.passwordstore.org/)

~~~
8fingerlouie
I also started using pass when migrating. I've been nothing but happy with it.
It's fast, easy to host either at home, or through Bitbucket or Github, and
has clients (which IMO could all be better) for just about everything I need.

I wish the iOS app would support tombs/vaults though.
[https://github.com/roddhjav/pass-tomb#readme](https://github.com/roddhjav/pass-tomb#readme)

------
astrodust
LastPass is just so damned ugly and terrible to use compared to well crafted
products like 1Password.

It's like the phpMyAdmin of password storage.

~~~
givehimagun
I don't get the hate. I've been a LastPass user for 5 years and it works for
me most of the time. I've dabbled in 1Password, Chrome native password
management, Firefox native, random Hacker News password manager
recommendations. LastPass...still the best off...AND I got my brother and dad
to use them and get excited about password safety.

What's so terrible about people using better and better passwords? It's not
perfect but I am so much happier with my dad using LastPass versus the shitty
password strategy he had before...it was post-it note password management.

~~~
jrockway
Yeah, I also think it's interesting. I have been using LastPass forever and
use 1password for work, and LastPass seems a lot easier to use for me. Both
are better than using "password" as your password.

I will admit that I don't store my Google password in any password manager.
That is the root of trust for everything, so I remember the password and use
2FA. The other accounts aren't as important.

~~~
auslander
> ..my Google password in any password manager. That is the root of trust for
> everything

Why? Google is an Ad company...

~~~
vnnkov
Because usually Gmail is the place through which we can restore any other
account.

~~~
auslander
Google for people getting blocked by Google ;) And there is nothing you can
do.

------
pimeys
I use KeepassXC which I sync to my home NAS from two computers and my phone.
Keepass DX is the best Android app I've found and it supports opening the
database with your fingerprint.

I don't see the fuss here about needing to have a browser extension. When a site
asks me to login every now and then, I'm ok with opening the app and copying
the password.

~~~
finchisko
Yes, KeepassXC rules them all :). I use KeepassXC on Linux and Windows,
MacPass on a Mac (has the same db format, but a macOS Aqua interface) and
MiniKeePass on an iPhone. I use two keepass databases (as data loss
prevention). For Linux and Windows the db is stored on Dropbox. On the Mac and
iPhone, on iCloud. I merge them once in a while.

However for many years I used just a single db for every device and didn't have
a single problem with it. I started to use two after I switched from Dropbox
to iCloud on the Mac and iPhone.

~~~
trickstra
Try Syncthing instead of Dropbox and you will be completely free of any third
party provider risk.

~~~
ChrisRR
I personally use Syncthing, and it's fine as long as the computer you're
trying to get data from doesn't go down at any time.

~~~
Ajedi32
Syncthing is peer-to-peer, so I believe you'd only have a problem if _all_ the
computers you're trying to get data from go down at the same time.

------
zumzumzum
Just a little PSA, 1Password7 lets you run entirely on local vault files. I
have a NAS at home (Synology, but you could use whatever) to sync that vault
file between it and all my devices, mobile included, only on wifi. I subscribe
to 1Password's monthly model with the cloud services, but I just don't use any
of them, and they have settings on every client which let you choose the
default vault for saving, and I just use the local one. Best in class apps,
local password storage only. Best of both worlds, unless there is some angle
I'm missing.

~~~
tzs
> I subscribe to 1Password's monthly model with the cloud services, but I just
> don't use any of them, and they have settings on every client which let you
> choose the default vault for saving, and I just use the local one.

For those who wonder why one might subscribe to the cloud service when one is
only going to use local vaults, rather than buying a license for the non-cloud
version, the non-cloud version requires separate licenses for your Macs and
for your Windows PCs, and major upgrades cost a substantial fraction of the
initial price.

With the cloud service one purchase covers all your devices and all major
upgrades for as long as your subscription is active.

I think it worked out when I did the math almost a year ago that if you have
both Macs and PCs, then the cloud came out cheaper if you assumed a major
upgrade every couple of years.

------
Razengan
I've only ever used Apple's iCloud Keychain [0]. It has always worked great,
and seems to have good security in order to enable; it asks for the local
login password that you signed onto one of your other devices with, but it
feels scarily easy to see ALL your passwords in plaintext with just a single
Face ID authentication.

I'd be more comfortable with bio-authenticating per password (though that
might use more battery) and preferably asking for the password/code if you
look up more than 5 passwords too quickly, but I'd rather have to trust a big
company than a smaller third-party that gets acquired and sold around.

What are the advantages of LastPass and other password managers over iCloud
Keychain?

[0] [https://support.apple.com/en-ae/HT204085](https://support.apple.com/en-ae/HT204085)

~~~
SamuelAdams
LastPass is cross platform. I use an iPhone, a Windows 10 desktop, and a Linux
laptop. How do you access iCloud Keychain on non-Apple devices?

~~~
bigbadgoose
I slack them to myself, of course

------
dbg31415
All the hate towards LastPass... but man, there are so many great tools with
LastPass that the other services simply don't have yet.

Given I haven't looked into it in a year or so... but the Dead Man's Switch
alone makes it worthwhile for me. My lawyer has this, and 30 days after I kick
it he can go in and delete all my accounts.

Sharing passwords with a team, it's really helpful. Being able to share
access, but not the password itself... really nice feature.

The password audit, showing me how old my passwords are, or which ones are
weak... it's nice to have a sanity check on all this stuff.

Anyway, been on LastPass for a decade or so... tried a few others, always find
myself back with LastPass since the others don't quite have all the features I
want.

~~~
bwoodruff
> Sharing passwords with a team, it's really helpful. Being able to share
> access, but not the password itself... really nice feature.

1Password offers this as well. Not allowing the end user to reveal passwords
isn't an ideal solution. The password can easily be obtained by anyone who
is capable of using the browser's developer tools. Simply inspect the input
element after it has been filled and the browser will give the secret away.
The only way to be sure someone doesn't have access to an account after you've
shared credentials with them (even "hidden" credentials) is to change the
credentials for that account.

> The password audit, showing me how old my passwords are, or which ones are
> weak... it's nice to have a sanity check on all this stuff.

1Password also offers these sorts of checks.

> Given I haven't looked into it in a year or so... but the Dead Man's Switch
> alone makes it worthwhile for me. My lawyer has this, and 30 days after I
> kick it he can go in and delete all my accounts.

This, admittedly, we haven't found a good secure way to implement yet. Our
current recommendation is to share your Emergency Kit with your lawyer, or
whoever needs access, perhaps in a sealed envelope marked to only be opened
upon your death.

Full disclosure: I work for 1Password.

~~~
dbg31415
Thanks, saved me having to look at things myself.

You'd know, is there a tool that would let me migrate all my passwords from
LastPass to 1Password? I think I have like 3k passwords and the thought of
manually building that DB up again is daunting.

------
ubermonkey
I know it's probably simplistic, but I'm horrified by the shift in the
password vault market from local control and security to this cloud-based
model. Even my choice, 1Password, has gotten on board - though it's still
possible to store locally and avoid their sync, thank goodness.

~~~
dddddaviddddd
Agreed, I expect to leave 1Password when/if they remove local storage or make
it untenable.

------
woile
I use gopass. It's like an extension of pass. The difference is that it has
support for multiple stores. And you can add different people to the stores
and synchronize each store with git. I wrote a tutorial and a cheatsheet
(mostly for me).

[http://woile.github.io/posts/sharing-team-secrets/](http://woile.github.io/posts/sharing-team-secrets/)

~~~
alexozer
Nice reference! On Linux I have a keybinding which opens a terminal with a fzf
listing of my password entries. When I select the name I want, it types the
password with xdotool into whatever is focused. I bet it's just as fast if not
faster than the browser password managers' autofill.

------
vishwasanand
Wonderful article. We were also working on a similar issue. One way could
be, instead of using a symmetric key (probably stored in the browser, hence not
safe) to encrypt passwords before sending them to the LastPass server, they could have
used an asymmetric crypto system. A solution similar to this can be very helpful
in this case:
[https://www.youtube.com/watch?v=Slhwunm4oT0&feature=youtu.be](https://www.youtube.com/watch?v=Slhwunm4oT0&feature=youtu.be)
Notice the private key never leaves the mobile device and hence the client
does not have to trust the LastPass browser client.

~~~
mav3rick
Firefox Send uses something similar.

------
JumpCrisscross
What password manager does tptacek use?

~~~
skelin
1password it seems:
[https://news.ycombinator.com/item?id=14777726](https://news.ycombinator.com/item?id=14777726)

I’ve also seen it recommended by Troy Hunt (haveibeenpwned creator):
[https://www.troyhunt.com/password-managers-dont-have-to-be-p...](https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/)

(I’m using bitwarden myself, couldn’t justify the subscription cost for my
usage)

~~~
jammygit
I'm also using bitwarden, but Palant seemed skeptical about it in the
comments. Here's a copy of the comment:

Reply from Wladimir Palant:

Unfortunately, I didn’t make notes last time I looked into this – the issues
simply weren’t serious enough for reporting. And I only looked at a small
portion of the codebase, so when I look at it now it will probably be some
different code paths. So the getDomain() function I see under
[https://github.com/bitwarden/jslib/blob/dd46d5ecdd51f91dace5...](https://github.com/bitwarden/jslib/blob/dd46d5ecdd51f91dace5488272dd1f7bafd995c5/src/misc/utils.ts#L169)
is indeed using URL objects. It also knows that tld.js won’t handle IP
addresses correctly, but it will only consider IPv4 addresses in dotted
decimal notation and not IPv4 addresses in other notations or IPv6 addresses.
All of that appears to be a minor risk but not an actual issue – assuming that
URLs are already normalized when they get here (ok, let’s ignore the code
prefixing URLs with http:// here).

The code at the bottom of this function is quite problematic however. Rather
than ignoring non-HTTP URLs, this function will pass them to tld.js. But
tld.js isn’t aware that non-HTTP URLs can have different semantics, so it will
happily return “example.com” when it is fed something like
“data://example.com,asdf/”. Oops, I think that one might even be exploitable…

I think I’m going to stop here. This needs a structured effort, not spending
ten minutes every now and then. As I said, the codebase isn’t bad. But there
are obvious issues that shouldn’t have been there. As always, spotting the
issues is the easy part – proving that they are exploitable is far harder. I’m
not going to spend time on that right now, so let’s just file these under
“minor quality issues” rather than “security problems.”

------
mythrwy
Why take chances or add complications?

[https://www.passwordstore.org/](https://www.passwordstore.org/)

Keep it simple, keep it local, keep it CLI.

~~~
doublepg23
I am a password store user, however it _is_ a very nerdy solution. The use of
git is its biggest strength because you can host it yourself super easily,
but you're also stuck with git's awful ux. Also the lack of file name encryption
limits the options of using free git hosts - maybe that's for the best, but it
clearly limits adoption even more.

~~~
leg100
All the major git providers provide free private repos.

~~~
doublepg23
The file names being stored in plaintext makes me unwilling to recommend even
private git servers - if you're worried about leaking which porn or torrent
sites you use.

------
cik
I store everything in a Keepass. I maintain that keepass on a SpiderOak Hive
that syncs between multiple machines, and mobile. The password for SpiderOak
is not one I know - it's in my password safe _and_ written on paper in a
safety deposit box.

The password for my password safe is one of three passwords I know: unlocking my
root partition, my desktop account passwords, and this.

I have infinitely more faith in something whose encryption is zero knowledge
with multiple tiers, as opposed to LastPass. I'll never understand the notion
of password as a service being an acceptable risk.

------
auslander
I use KeepassXC, sync the DB via file syncing, no 3rd party servers to trust.

------
systematical
I assume LastPass will be hacked someday. And when it is that person will
have my Reddit, Hacker News, Amazon etc. But not my email or financials. I
store super important items to human memory only. For many accounts like my
GitHub they will have to defeat two factor authentication. I hope people keep
polling password managers for exploits to make it more secure. I know it's not
perfect. I understand the risk-reward.

------
yinyang_in
I never got comfortable with LastPass or 1Password; I usually find Enpass in the
middle ground. They don't have a recurring cost to maintain a webserver and
security.

For me the ideal is KeePass, but I once got db corruption when syncing with a Dropbox-like
service. Hence I went with Enpass, which allows me to sync passwords across
devices and encrypt with a keyfile and master password like in KeePass.

------
FullyFunctional
For me, cross platform, offline access, and good UI are paramount. LP checks
all that but random scripts on a Linux command line don't even remotely cut
it.

Firefox's password safe comes close it seems, but I haven't read too many
opinions about it.

------
izzydata
Isn't the goal of password managers like LastPass convenience at the cost of
security? They might take security as seriously as they can, but it is
ultimately less secure than memorizing dozens of unique passwords if you
could.

~~~
lvh
Not only do humans demonstrably not do that, no: they can't memorize that much
data. Secondly, a password manager does not have to upload your passwords
anywhere directly; they can be protected with a master password or a different
encryption mechanism (eg smartcard).

------
hello_tyler
Since no company is totally secure, of course you should be concerned. I would
never use a cloud based system even if it is more convenient. I'll stick with
local KeePass backups thankyouverymuch. Though I suppose if I was a real
target I would trust LastPass before my own security.

------
rdl
I never really trust a binary provided by someone which also talks to a server
operated by the same entity. There is no way for me to audit an arbitrary
binary (or application with source, in any reasonable way), particularly since
it is regularly updated on both ends.

------
dontbenebby
As a die hard linux geek, why does the PW manager have to handle cloud
storage?

I use keepass + spideroak to sync.

Keeps things simpler, IMHO. Maybe slightly more effort to log into things but
I value having control and simplicity in my workflow.

~~~
sneak
Many of us often use the web on our telephones.

------
jonathanstrange
I use my own password manager and would not trust many proprietary third-party
developers to get things right. Most of them have a long history of failures.

It's safer to self-host and store encrypted backups elsewhere for integrity.
If you're not familiar with encryption or cryptanalysis, then you can use some
open source encryption programs and a text file on an encrypted partition.
That's a thousand times more secure than any proprietary online password
manager.

For some passwords it is also more secure to keep them in plaintext on
physically secured notes. It depends on the threat scenario.

------
Spooky23
You should always be concerned about giving private information to third
parties.

The integrity of that information is only protected by your contract and the
law.

------
edoo
If you can login to a browser and use the one password they can reset on a
whim to pull your passwords then it is all in their hands anyway.

------
ploped
Curious about your thoughts on the macOS keychain app? Is it a better solution
than Lastpass or any other password manager?

------
djhworld
I subscribe to 1password where your data is synced to their servers.

I'm not sure if this is a good idea now that I've read this...

------
squegles
Wow, I was thinking about this just yesterday. LastPass should offer some kind
of self hosted version for businesses.

------
godzillabrennus
I’ve been using Lastpass for years. It’s not as unique as it once was but it’s
still good.

Anecdotally, Joe Siegrist personally emailed me when I launched my first SaaS
product to say he liked it. That felt great.

Sucks that Logmein bought it (horrible company who hates their customers) but
glad he got a win out of that business for himself.

------
Kiro
Am I the only one who uses Google's built-in password manager?

~~~
tsukurimashou
If you mean Chrome, you shouldn't do that. Chrome stores your passwords in a
SQLite database locally; anyone can access that very easily.

------
ronnier
I am. So I don’t use it.

------
kome
I never used a password manager, call me paranoid, but giving my password to a
third-party (often not free software) for me is just pure madness.

~~~
scbrg
Well, there's plenty of password managers that _are_ free software. Why not
use those?

------
Deestan
So given the requirement to access passwords across multiple devices, what
alternatives exist that stand up to similar scrutiny?

Ease-of-use and "looks pleasant" be damned, just security-wise.
[https://www.xkcd.com/937/](https://www.xkcd.com/937/)

~~~
trickstra
Keepass + Syncthing (with staggered backups)

~~~
timw4mail
This seems like the best solution for syncing with Keepass, especially since
every new sync target needs to be approved.

Sharing password files via Dropbox, Google Drive, etc. is convenient, but how
is that really different than what Lastpass does?

With Syncthing being peer to peer, there's a lot less opportunity for someone
else to even know your password file exists.

------
Causality1
I've never trusted password managers. I write the unique portions of my
passwords in a notepad and combine those with a common but unwritten
alphanumeric sequence to form my full passwords.

~~~
ben-schaaf
What if someone gets a series of leaked passwords from you, can they get back
the alphanumeric sequence and brute force the unique portion? What happens if
your notepad gets stolen, do you have backups?

~~~
Causality1
The uniques are quite long so good luck trying to brute force them. As for it
being stolen, it doesn't leave my house. I've never been robbed but if I was I
doubt they'd steal a small worn notepad sitting in a desk drawer.

~~~
DanBC
The question was about backups, not about what a thief would steal.

What happens if your home burns down: do you have backups of the notebook?

------
Phenix88be
I don't understand how people could use LastPass or any company that provides a
cloud password manager.

Any password uploaded to a server you don't control should be considered
disclosed. They can say whatever they want about their encryption pipeline,
even release it as open source software, you can't be 100% certain that they
run it unmodified.

You simply can't trust a company (that wants to make profit at any cost, like
all companies) with profitable data (like your login/password). One day
someone will sell them.

~~~
ramraj07
Paranoia is good but do you also never go in any vehicle? Surely you know
people die in them all the time!

Everyone takes some risks and the vast majority of people I trust to take the
most calculated ones use a password manager. Incidentally I do too. However I
do not upload my bank passwords, and my Gmail / Facebook passwords there, so I
did account for the absolute faint possibility of LastPass being compromised.
I guess I just don't care about my Reddit or HN account that much!

~~~
Phenix88be
We are talking about login and password, not cars.

Taking drugs is also a calculated risk, still, most people agree that you
shouldn't...

------
mnm1
I wouldn't trust any password service that uploads my data anywhere, with or
without the key (though especially with the key like here). I wouldn't trust
it if it uploaded the password data to Dropbox or any similar service under an
account I own. Even if the data is encrypted, someone can get access to it and
work on decrypting it offline. That's simply too big of a risk considering the
power of state actors, although I assume state actors would just get the data
directly from each website and not need my passwords. Still, can't assume
anything about any adversary. Others could certainly be capable of cracking an
encrypted file offline.

~~~
Deestan
> Even if the data is encrypted, someone can get access to it and work on
> decrypting it offline.

That fear is irrational. While you go on to describe one reason for that,
another is that cracking a solid encryption isn't something people can just
do.

The vast computer power necessary to _maybe_ crack something like a humble
RSA1024 in 8 years can more easily make enough Bitcoin to buy a small nation.

~~~
maibus2
This is not an irrational fear given how LastPass and many other password
managers are designed. LastPass (and others) derive encryption keys from
their users' passwords (via PBKDF2).

Thus a (smart) attacker needn't guess the user's encryption key directly. They
just need to guess the user's password, "hash" it via PBKDF2 with the proper
params and see if it decrypts the data.

Using a sub $1,000 GPU and a table of common passwords obtained from popular
website database leaks it's not that hard to crack the average Joe's vault.

~~~
kingosticks
You are assuming Joe would use a "common" password to encrypt their highly
sensitive password vault. Joe only has to remember one password since moving
to a password manager. Even my mother uses a decent password for that. I'm not
saying your situation isn't feasible but Joe has failed to use the product
properly.

I think I saw that some of these managers have integrations with
[https://haveibeenpwned.com/](https://haveibeenpwned.com/) and that could
extend to the vault password too. Maybe it already does.

~~~
maibus2
Yes. Given how mass data leaks have shown just how bad people are at choosing
passwords - I think it's a very safe assumption that a large proportion of
LastPass users have weak, easily guessable master passwords.

The ironic thing here is randomly generated passwords produced by a password
manager are highly likely to be more secure than the password that protects
the password vault itself.

~~~
bwoodruff
> Yes. Given how mass data leaks have shown just how bad people are at
> choosing passwords - I think it's a very safe assumption that a large
> proportion of LastPass users have weak, easily guessable master passwords.

Indeed. Which is in part why we developed the Secret Key. Even if someone
chooses a relatively weak Master Password and all of the data were stolen from
our servers, cracking even just a single password of a single user via brute
force would be implausible. The effort to reward ratio is very high (perhaps
insurmountably so) on the effort side.

Full disclosure: I work for 1Password.

------
zncoder
LastPass is hard to use for me, so I wrote my own:

[https://addons.mozilla.org/en-US/firefox/addon/passcell/](https://addons.mozilla.org/en-US/firefox/addon/passcell/)
[https://chrome.google.com/webstore/detail/passcell/mjbndaapn...](https://chrome.google.com/webstore/detail/passcell/mjbndaapnghbmikhgjnbljiimmdhobdm?utm_source=chrome-ntp-icon)

All encryption/decryption is done inside the browser, as you can verify in the
source code:
[https://github.com/zncoder/passcell](https://github.com/zncoder/passcell).

