
On Password Managers - tmorton
https://www.tbray.org/ongoing/When/201x/2017/07/16/On-Password-Managers
======
tptacek
The 1Password situation is complicated, and is a lot less sketchy than Bray's
summary would lead you to believe. 1Password has _not_ in fact phased out
their native applications or required people to use 1Password.com to store
passwords (it would be insane for them to do so).

There are four issues that I'm currently aware of with 1Password:

1. They've converted from flat to subscription pricing.

2. They're pushing people to a 1Password-managed cloud sync system instead of
the a la carte sync they were doing before.

3. They're promoting cloud vaults and hiding local vaults, and the Windows
version of 1Password has apparently never used local vaults.

4. Now that they have 1Password.com, first-time enrollment in 1Password
requires you to interact, once, with 1Password.com.

Of these, only (4) is a serious security concern. Their last release further
eliminated the native app's dependency on 1Password.com. I'm confident they'll
get all the way towards decoupling them, but I'm not them, so grain of salt.

I have no relationship with 1Password other than as a happy customer and as
someone who does research in the field they work in. Having said that: I
strongly recommend that you be _very_ careful about what password manager you
choose to use. The wrong password manager can be drastically less secure than
no password manager. I recommend 1Password, and there's currently no other
commercial password manager that I recommend. I'm sorry I can't go into more
detail than that. :(

~~~
sprice
> I recommend 1Password, and there's currently no other commercial password
> manager that I recommend.

Are there any open source password manager products that you would recommend?

~~~
kronos29296
Keepass and its various forks are open source. Keepass itself uses .NET, so
Linux guys need Mono, which not all people like. Those people use KeepassXC (a
fork of KeepassX, which is Keepass in C++ and is unmaintained).

I use Keepass. Reasonable security but ugly GUI in Linux due to Mono. Has
plugins. Completely offline.

~~~
6ak74rfy
Have you used KeepassXC? I am planning to move to it from LastPass, and want to
make sure I am making the right choice.

~~~
AbacusAvenger
I've used KeePassXC, and I think it's the best KeePass variant. I don't like
stock KeePass because it's horribly slow under Mono (Linux/OS X). And I like
but am not as satisfied with KeePassX because it lacks some features I like.
From what I recall, the maintainers of KeePassXC got frustrated with the
feature set and development pace of KeePassX, so they made their own fork. And
they added nice things like TOTP code generation (i.e. Google Authenticator
style) and YubiKey support.

I can't yet wean myself off of LastPass though, just because it's synced
everywhere and is more reliable when doing form fills on websites. For
example, KeePass and its variants don't have a concept of equivalent domains.
For "equivalent domains" I should be prompted with the same lists of
auto-fillable credentials, such as:

* youtube.com/google.com/gmail.com

* bing.com/hotmail.com/live.com/microsoft.com/msn.com/passport.net/windows.com

* apple.com/icloud.com

LastPass gets this right, but I sadly haven't seen any other password manager
that does. I think there's an open issue with KeePassXC to address this but
it's not merged or production ready.

~~~
cyphar
With KeePassXC you would do this by adding new entries for each alias and then
reference the username and password values of the "base" entry. I believe the
feature still isn't in a release, and the UX isn't there at the moment.

The problem is that they can't deviate from the official KeePass database
format, so adding something like aliases requires hacks like the above.
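An added example, not code from the thread or from any of the KeePass projects, covering both points above: AbacusAvenger's "equivalent domains" (one credential list for youtube.com/google.com/gmail.com and the other groups listed) and cyphar's workaround of alias entries that reference a base entry's username and password. It matches on the registrable domain (eTLD+1) rather than a substring of the host, which is what keeps a lookalike such as google.com.evil.example from being offered Google credentials; the two-entry public-suffix table, the sample vault and the `{REF:U@I:<uuid>}` / `{REF:P@I:<uuid>}` reference syntax (modelled on KeePass field references) are assumptions for illustration.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed sample data: the equivalent-domain groups listed in the comment above.
EQUIVALENT_DOMAINS = [
    {"youtube.com", "google.com", "gmail.com"},
    {"bing.com", "hotmail.com", "live.com", "microsoft.com", "msn.com",
     "passport.net", "windows.com"},
    {"apple.com", "icloud.com"},
]

# Assumption: a two-entry stand-in for the Public Suffix List, which a real
# manager would load in full so that "bbc.co.uk" is not reduced to "co.uk".
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au"}


def registrable_domain(url: str):
    """Return the eTLD+1 of an http(s) URL's host, or None when there is none
    (non-web scheme, IP literal, bare TLD). Matching on this value instead of
    on a substring of the host is what stops google.com.evil.example from
    being offered Google credentials."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        return None
    host = host.lower().rstrip(".")
    if ":" in host or re.fullmatch(r"\d+(\.\d+){3}", host):
        return None  # IPv6 / IPv4 literal: no registrable domain
    labels = host.split(".")
    want = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-want:]) if len(labels) >= want else None


@dataclass
class Entry:
    uuid: str
    title: str
    url: str
    username: str
    password: str


# Field references modelled on KeePass's {REF:U@I:<uuid>} / {REF:P@I:<uuid>}:
# an alias entry points at the base entry's username (U) or password (P).
REF = re.compile(r"^\{REF:([UP])@I:([0-9A-Fa-f]+)\}$")


def resolve(value: str, vault: list, depth: int = 0) -> str:
    """Follow a field reference to the base entry; plain values pass through."""
    m = REF.match(value)
    if not m:
        return value
    if depth > 8:
        raise ValueError("reference chain too deep (cycle?)")
    field, uuid = m.groups()
    base = next(e for e in vault if e.uuid.lower() == uuid.lower())
    target = base.username if field == "U" else base.password
    return resolve(target, vault, depth + 1)


def equivalence_class(domain: str) -> frozenset:
    """The group a registrable domain belongs to (itself alone if ungrouped)."""
    for group in EQUIVALENT_DOMAINS:
        if domain in group:
            return frozenset(group)
    return frozenset({domain})


def matching_entries(page_url: str, vault: list) -> list:
    """Entries whose registrable domain is in the same group as the page's."""
    target = registrable_domain(page_url)
    if target is None:
        return []
    group = equivalence_class(target)
    return [e for e in vault if registrable_domain(e.url) in group]


def credentials_for(page_url: str, vault: list) -> list:
    """(title, username, password) triples offered for autofill, references resolved."""
    return [(e.title, resolve(e.username, vault), resolve(e.password, vault))
            for e in matching_entries(page_url, vault)]


# Constructed sample vault: one base entry plus the alias workaround described above.
VAULT = [
    Entry("a1b2", "Google", "https://accounts.google.com/", "alice@gmail.com", "correct horse"),
    Entry("c3d4", "YouTube (alias)", "https://www.youtube.com/", "{REF:U@I:a1b2}", "{REF:P@I:a1b2}"),
    Entry("e5f6", "Apple ID", "https://appleid.apple.com/", "alice@example.com", "battery staple"),
]

if __name__ == "__main__":
    for url in ("https://mail.google.com/", "https://www.icloud.com/",
                "https://google.com.evil.example/login", "https://evil-google.com/"):
        print(url, "->", [title for title, _, _ in credentials_for(url, VAULT)])
```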

~~~
edraferi
KeePass is moving to a new file format, KDBX 4 [1]. It includes a Custom Headers
feature that might enable plugins to implement URL aliasing.

KeePassXC doesn't support KDBX yet, but they're working on it [2].

[1] [http://keepass.info/help/kb/kdbx_4.html](http://keepass.info/help/kb/kdbx_4.html)

[2] [https://github.com/keepassxreboot/keepassxc/issues/148](https://github.com/keepassxreboot/keepassxc/issues/148)

------
tedmiston
Just to be clear, it's still 100% possible to keep your 1Password vault in
Dropbox etc and not use the SaaS version [1]. I felt like this fact was buried
in the article.

Edit: Here's the link to buy the standalone license [2] which is hard to find
on the site now.

In a post from the founder one week ago [3] he said, "We know that not
everyone is ready to make the jump yet, and as such, we will continue to
support customers who are managing their own standalone vaults. 1Password 6
and even 1Password 7 will continue to support standalone vaults."

[1]: [https://support.1password.com/sync-with-dropbox/](https://support.1password.com/sync-with-dropbox/)

[2]: [https://agilebits.com/store](https://agilebits.com/store)

[3]: [https://blog.agilebits.com/2017/07/13/why-we-love-1password-...](https://blog.agilebits.com/2017/07/13/why-we-love-1password-memberships/)

~~~
wepple
Given the change to their business model I am concerned they can push an
update, where the next time I unlock my vault it syncs my master password
and/or decrypted vault to their cloud.

Maybe time for an open source password manager?

~~~
mikepurvis
There are lots of them out there to choose from. And being able to audit the
secure portions is great, but a password manager is the perfect example of
what free solutions often don't do well— you need to have a seamless
experience across multiple platforms including mobile, and you need to have
fairly deep integrations into multiple web browsers, which are notoriously
fickle and need to be tracked closely.

The killer feature of 1Password (on Android at least) is that it comes up as a
keyboard and can type long passwords into any apps. That seems like exactly
the sort of fussy integration that would be really hard to build and maintain
in something without commercial backing.

~~~
Nullabillity
KeepShare's auto-fill works 99% of the time for me, and it also has a keyboard
for when that fails. Commercial[1] but GPL[2]. This stuff isn't exactly dark
magic that only AgileBits can do.

[1]: [https://play.google.com/store/apps/details?id=com.hanhuy.and...](https://play.google.com/store/apps/details?id=com.hanhuy.android.keepshare)

[2]: [https://github.com/pfn/keepshare](https://github.com/pfn/keepshare)

------
pixelmonkey
I use Enpass on Linux, Windows, OS X, Android, and iOS. I also use the Chrome
extension. It has a similar user experience to 1Password, but is actually
serverless (you sync your encrypted blob to a cloud service of your choice, or
not at all). I wish Enpass were open source, but I can understand their
decision not to make it so -- its desktop application is free and its mobile
apps include a small perpetual license fee ($10 per user, one-time). The
format of the encrypted blob is a simple SQLCipher database that uses your
(memorized) master password as the secret key, so even though the application
is closed source, the data seems to be stored in an open format. Overall, it's
probably the best option on the market in a very bad category of software.
After evaluating them _all_, IMO, you should run away from 1Password,
Dashlane, Lastpass, etc and use Enpass instead. Even better if the place you
sync your encrypted blob is protected by strict 2FA and has good (enforceable)
privacy policies.

~~~
joekrill
I'm using Enpass, too. Your sentiments mirror mine exactly. In general I'm
surprised they are not getting more press. Perhaps if they were more explicit
and open about their underlying data format (the SQLite+SQLCipher database)?

~~~
conorcleary
I hope it stays reliable and low key.

------
vikingcaffiene
Good security hygiene is like a diet or exercise plan: the most effective one
is the one you will stick with. Most users don't follow good habits because
it's a giant pain for non-technical users to get set up. 1p's subscription plan
is aimed squarely at those people and I think it's a great idea. It's
reasonably secure and easy to set up everywhere. That is a big deal in my
mind. Yes, it's not bulletproof, but it's 100000% better than what the current
status quo is.

Additionally, managing your own password vault is a lot like managing your own
email server. There are advantages, but I feel that the disadvantages are
substantial. For one, the likelihood that you, one person, are going to do a
better job of securing your stuff than a dedicated team is optimistic at best.
Keeping your password vault safe is literally this company's full-time gig and
they have entire teams dedicated to it. Do I think they are infallible? Of
course not. I'm not an idiot. But I think they are going to do a better job
than me at keeping my stuff safe. I happily will pay for that every month.

The author's point about the 1p web portal is a good one. I don't use it out of
similar concerns. Besides that, I really could not be happier with 1p as a
password management solution. They have a good track record (no hacks that I
am aware of) and I want the company I trust with literally the keys to my
kingdom to be profitable and motivated to keep improving.

~~~
ajross
> Additionally, managing your own password vault is a lot like managing your
> own email server.

As someone who actually does both, this is IMHO backwards. My "password vault"
is a GPG file I open in emacs and cut and paste from. It's trivially copied
and maintained, extends cleanly to "non-password" secret info (e.g. credit
cards, my kids' SSNs), involves no third party systems beyond the operation of
the software, is trivially backed up via straightforward file copies that I do
all the time anyway, and just in general works _better_ than the rather
complicated ecosystem of commercial offerings.

Works poorly in a phone, though.

~~~
Systemic33
Read what you wrote one more time, and imagine some manager working in a bank,
or a 17 year old business student.

It's hard enough to convince people not to use the same e-mail and password
combo and instead use something like 1Password or LastPass; making them use
your proposed "solution" would be a massive step back.

~~~
ajross
Your point is sort of sideways to mine: yes, I happened to pick tools and
idioms (a text editor with GPG integration) that aren't available to typical
consumers. Yet the solution _is_ trivial: I open a file and edit it!

Why can't the existing solutions in the market retain that triviality when
translating to the consumer? Why must we be inflicted with bad crypto,
cloudification, pervasive over-integration, lack of just-edit-the-text
extensibility, etc...?

------
harrisonjackson
With a couple UI/UX enhancements, Apple could take over the iOS/MacOS
marketshare of these products with Keychain. It's already possible to use
keychain in your workflow for password management, it's just not super
convenient.

I'd switch from Lastpass, if Apple made it easier to autofill and autogenerate
passwords and added support for sharing / teams.

~~~
TorKlingberg
Being Apple, they aren't going to release apps for non-Apple platforms or
extensions for other browsers. So they could only take over the marketshare
among people who only use Apple products.

~~~
qqg3
That's what they said.

------
LordHeini
At our company we use keepass2 with a db file synced by dropbox. Works nicely.
Keepass can save all sorts of stuff alongside passwords (like credentials,
api-tokens...) and there is an app too (for android at least). Might get a bit
clunky if lots of people change a lot of stuff all the time but for us it is
not a problem.

~~~
netrap
That's what I use as well. Only thing missing I guess is a mobile workflow,
though there are some options.

~~~
jackbravo
We use [https://www.pwsafe.org/](https://www.pwsafe.org/). It has clients for
Android, iOS and Windows. On Mac and Linux you can use password-gorilla with
the same files. And sync with Dropbox.

~~~
nytesky
There are other clients such as iOS and MacOS by App77 -- is there any
validation of that company's implementation of pwSafe?

------
braink
I totally agree with Tim Bray's post. The bottom line is that the pestering
that I get from AgileBits makes me, as a customer, really doubt their
integrity after trusting them for years. Why are they trying to force me to do
this? Obviously because they want more money (but are betraying their own
oft-stated security attitudes) and maybe even for some other reason (the
backdoor thing?).

~~~
eridius
I think they're doing it for 2 reasons:

1. Money, and

2. Significantly reducing complexity and maintenance burden. Supporting
cloud-only vaults is a lot simpler than also supporting local vaults plus
multiple different third-party sync mechanisms.

~~~
Spooky23
Generally speaking, when a vendor wants more money to do less, it's time to get
a new vendor.

~~~
heartbreak
In what way are they doing less?

~~~
Spooky23
They are deprecating local vaults.

Given that vaults contain secrets, and data shared with third parties is not
secret in any legally compelling way, that effectively neuters the product.

~~~
eridius
> _data shared with third parties_

The data isn't shared with AgileBits. They only have the encrypted vaults,
they don't have the keys to open them. So it's no more shared with a third
party than using Dropbox to sync a local vault is shared with a third party.

------
jaclaz
IMHO this part is where the nail is hit right on the head:

> Why is AgileBits doing this? · For the same reason that Adobe has been
> pressuring its customers, for years now, to start subscribing to its product,
> rather than buying each successive version of each app. A subscription
> business is much nicer to operate than one where you have to go out and
> re-convince people to re-buy your software.

It is the part (common to many other software vendors) where they stress the
"I am doing this for your own good" that irks me.

You want to change your business model? Fine.

Do you believe that this new one is better? Fine.

Do you want to convince me that you are changing the "old" model (which BTW
you used until a nanosecond ago) because it is better _for me_? Hmmm.

~~~
tedmiston
The new model is better for you if you want the company to make enough money
to be able to support the product and put out new releases to fix bugs and
vulnerabilities.

~~~
jaclaz
Maybe, then they should say so, _indirectly_ better for me.

But bugs and vulnerabilities? On a years-old, widely tested and used "static"
(or almost "static") product?

How many possible ones are they introducing by completely changing the tool to
be on the "cloud"?

~~~
heartbreak
1Password had vulnerabilities disclosed by Tavis Ormandy within the last year
regarding the communication between the application and the browser extension.
Those vulnerabilities were part of the so-called "static" product, and were
not related to the new cloud functionality.

[0] [https://bugs.chromium.org/p/project-zero/issues/detail?id=88...](https://bugs.chromium.org/p/project-zero/issues/detail?id=888)

~~~
jaclaz
Yes, I wasn't saying that it had no bugs; all software may have some of
them. I was only saying that the risks of introducing more, new ones when
completely changing a piece of software (or rewriting it) are bigger.

------
jwr
I wish AgileBits didn't conflate two issues:

* I have no problem with subscription pricing, software that is maintained needs to be sold in a subscription model, period. Anyone who thinks otherwise is deceiving themselves.

* I do have a problem with entering my password (that is used to encrypt my data) into a JavaScript environment.

Give me native apps, charge me in a subscription model, don't force me into a
web site version, and all will be fine.

------
chipotle_coyote
I'm a 1Password user, and have synced my vault between devices through both
Dropbox and iCloud at various points. I can't help but feel like either
there's something I'm missing or something everyone else is missing, which
statistically means that it's most likely me. But:

When I sync with iCloud, Apple can't read my vault--even though it's on their
servers, it's strongly encrypted with my passphrase, and the
encryption/decryption happens on my devices.

When I sync with Dropbox, Dropbox can't read my vault--even though it's on
their servers, it's strongly encrypted with my passphrase, and the
encryption/decryption happens on my devices.

When I sync with AgileBits' own cloud... doesn't the sentence go exactly the
same way? Quoting from their own current web page: "Every time you use
1Password, your data is encrypted before a single byte ever leaves your
devices."

So even if the vault is on AgileBits' own servers, isn't it _no more and no
less secure_ than the third-party syncing solutions they offer? Maybe that's
not the case, and things actually function differently--but I haven't seen
anyone describe why that would be the case. Again, maybe I'm just missing it.
But I keep missing it. And it's not in Tim Bray's article, either. He's fine
with putting it on somebody else's server if that server is run by Dropbox,
but not if it's run by the company that he's trusting to encrypt it against
people hacking Dropbox? How is this materially different than using iCloud,
Dropbox, or any other solution that puts a copy of my vault on someone else's
servers for syncing purposes?

If the real argument is that there should always be a way to use a password
manager with _no_ cloud-based syncing solution, I'm on board with that; it'd
be a requirement for some businesses. But that doesn't seem to be the argument
that's being made. And if the real argument is that you don't like
subscription pricing models, that's fine. I don't like them, either. But
that's not an argument about security--it's an argument about pricing models.

~~~
Groxx
It's more that in-browser JS changes all the time and is basically never
audited, nor can it be pinned and prevented from changing. It'd be downright
trivial _and_ unnoticeable to change it to capture your password rather than
to behave as advertised.

Compare that with the app. Sure it has an updater, but you can use it offline.
Don't trust it in day-to-day affairs? Block network access. You can reliably
_not_ trust it, _and_ trust that it hasn't exposed your password behind your
back (minus on-disk, but that's a risk either way, and it's more audit-able /
third parties can build against the format to verify it independently).

~~~
yladiz
Playing devil's advocate: if you can trust that 1Password is doing everything
they can to protect you, the user (using HTTPS, resource integrity) while
using the browser app, then are you worried that 1Password may act
maliciously? I see this argument all the time but I don't buy it because why
on Earth would 1Password do such a thing, if their entire model is based on
the customer trusting them handling their data?

~~~
mvid
They can be compelled by an outside force to do so. Or their business model
may change.

~~~
Groxx
"Compelled by an outside force" is the main fear for many people. Because it
happens _all_ the time, and some of those instances also have an NSL / gag
order so they're unable to talk about it until years after the fact (if ever).
Or they just threaten violence.

Threat models aren't the same person-to-person - this probably won't happen to
_you_ (the grandparent), but embedded journalists / people trying to overthrow
a corrupt regime depend on this stuff to _literally_ keep them alive.

Another fairly common possibility, and one that affects damn near everybody:
they can get hacked and have their source code modified. This happens with
some regularity, and it can affect apps too:
[https://www.macrumors.com/2017/05/07/handbrake-app-security-...](https://www.macrumors.com/2017/05/07/handbrake-app-security-warning-servers-hacked/)
but in a browser this happens silently and _unpreventably_. Apps don't
(usually) update invisibly just because you launched them.

------
moskie
The one place that 1Password doesn't meet my needs is in ChromeOS.

The browser plugin requires the machine you're on to have the 1Password app
running in the background, which is how it gets its data from the local (and
synced) vault. But there is no 1Password ChromeOS app (and I don't think it's
really even possible for there to be something like that in ChromeOS), so the
browser plugin does not work in Chrome on ChromeOS devices.

A while back, I think the 1Password synced vault files would also have an HTML
file you could load up in a browser, which would then communicate locally with
the encrypted vault to gain access to your passwords, which was a workaround
on ChromeOS. I'm not sure of the security implications of that process, but it
isn't supported anymore.

I really like the locally synced vault with browser plugin functionality, but
the fact that there isn't a solution on ChromeOS has been a sticking point for
me. I've gone the route of having Google store 1Password generated passwords
via Chrome's password features, for sites that I regularly access via
ChromeOS, which works, but feels excessive.

~~~
beckler
I don't use it personally because I have some reservations about it, but
Enpass ([https://www.enpass.io/](https://www.enpass.io/)) supports ChromeOS. I
wish 1Password supported ChromeOS as well.

~~~
corybrown
> REQUIREMENTS: Any Chromebook supporting Play store.

Only works because you run the Android app on your Chromebook, not supported
everywhere.

------
danirod
I've been using password managers (KeePass, in my case) for about a year and
all I can think is, why didn't I start using them earlier? It is cheaper to
generate a long, random password using alphanumeric and special characters
than trying to think of a clever yet memorable unique password by myself, and
probably more secure.

Plus, it's true that you end up storing other sensitive things that are not
passwords, such as API or recovery keys, because it acts like a vault.

~~~
zokier
> Plus, it's true that you end up storing other sensitive things that are not
> passwords, such as API or recovery keys, because it acts like a vault.

I think this is one aspect that often gets overlooked. Keepass especially is
pretty flexible for storing all sorts of small things that you feel need
extra security and want to carry with you. Any entry in Keepass can
have arbitrary key-value pairs in addition to the common fields, and if that
is not enough you can also embed/attach files into the entry. For Windows
especially, Keepass can also store SSH keys and function as a half-decent
ssh-agent.

------
rrix2
More and more, I'm recommending that friends and family get a Mooltipass[1].
It's open source, it works on any platform that supports USB HID (including
mobile devices using an OTG cable), it's got multiple browser plugins, and it
allows you to have "two factor" auth by separating the pin-protected crypto
key from the device itself using smart cards.

The device can be backed up, and the cards can be backed up too (since
unfortunately it's not doing the crypto on the card, the card is just a
verifiable pin-protected way to store the AES key) and it's an obscure enough
looking device that it's not yet an easy theft target.

[1]: [https://www.themooltipass.com/](https://www.themooltipass.com/)

~~~
hedora
If this thing fit on my keychain, I'd strongly consider it. I can't see
carrying a card, a device and two usb cables around, which is what the current
form factor seems to require for use with my phone and computer. Maybe a usb
key with a screen, bluetooth radio and battery would work.

------
danr4
The only cloud based password manager I'm willing to use is Dashlane[1]. It's
supposedly "zero knowledge", and although you can never be 100% there isn't
some bug waiting around to be exploited, it's a compromise I'm willing to make
(the lesser evil). They also have several complementary features like
encrypted notes, auto saving receipts, credit cards, batch password changer
with quite a few major sites.

I'm not affiliated with them, it's just I never see them on HN compared to
mainstream applications like LastPass, 1Pass, OneLogin and such... and I think
their services are better. Plus their support is great.

On the other hand, if everybody starts using it maybe it'll become a bigger
target for hackers, so don't tell everyone :)

[1] [http://dashlane.com](http://dashlane.com)

~~~
JoshTriplett
> The only cloud based password manager I'm willing to use is Dashlane[1].
> It's supposedly "zero knowledge",

Firefox Sync has a similar property; everything is client-side encrypted.

~~~
j605
Firefox sync got a security audit recently. I would trust it more.

------
trjordan
If I understand correctly, the main problem here is that if a password manager
at some point asks you for a password in an online environment, they're
subject to coercion. This is especially dangerous if you're using
auto-updating code like Javascript in a browser or code on a remote service,
because it could get backdoored at any time and you wouldn't notice.

Isn't the real problem auto-updating code with access to a network?
1password.com is certainly another vector that fits this description, but if
you don't trust AgileBits to manage 1password.com securely, why would you
trust them to manage the app on your machine securely? Or the auto-updating
Chrome plugin?

I'm not denying that there's more surface area by creating a login, but I
think it's a false dichotomy to say that the app is "offline" and the website
is "online". They both have network access, and if AgileBits or a random
hacker can change the app's code, they'll do that. That change will be
mindlessly delivered to your computer, and the bad guys will have all your
passwords.

~~~
zokier
> Isn't the real problem auto-updating code with access to a network?

At least in theory you can sandbox an app so that it does not have (unlimited)
access to the network.

------
grimborg
Why is the 1password login the same as the encryption password for all my
other passwords? There is absolutely no reason why I should ever send them my
encryption password. If they would make these two passwords separate and
handle all encryption/decryption locally, I think that would solve the issue
for me.

~~~
analogist
Because they don't transmit your encryption password.

Authentication is not done by sending them your encryption password, but
instead the derivation of an SRP static secret
([https://en.wikipedia.org/wiki/Secure_Remote_Password_protoco...](https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol))
from your password (PBKDF, XOR'd with HKDF of the entropy-boosting pepper that
they call the "Secret Key"), and performing a session key exchange handshake,
basically like a (non-ephemeral) Diffie Hellman. They then encrypt all future
communications (inside of TLS) with the transient session key.

This gets you three things in one swoop:

- Authentication of user

- Authentication of the server (if the remote server doesn't have the stored
RSA counterpart of your derived SRP static secret, the exchange can't
complete)

- An additional encrypted tunnel independent of TLS, so transport security
isn't reliant solely on TLS (Cloudbleed, etc). (The contents being moved
around are encrypted yet again)

And:

- User doesn't have to remember a separate password.

- The password and pepper never touch the network, only (non-reversible)
session tokens do.

- Having access to traffic inside of TLS (corporate or malicious TLS endpoint
interception, for example) still gets you nothing.

There are valid criticisms of 1Password, but you're literally criticizing them
for something they've explicitly gone out of their way and spent engineering
hours solving in a way that not many services have even bothered thinking about.
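As an added example (not from the thread and not AgileBits' code), here is a toy SRP-6a run in pure Python that shows the properties listed above: the server stores only a salt and a verifier, the password and the client-held "secret key" never leave the client, a wrong password or wrong secret key fails at the proof step, and both sides end up holding the same session key. The group (a small safe prime found at import time, g = 2), SHA-256 as the hash, and the PBKDF2-XOR-HKDF mixing in `derive_x` are assumptions for illustration, not 1Password's actual parameters or construction.

```python
import hashlib
import hmac
import secrets


def is_prime(n: int) -> bool:
    """Deterministic Miller-Rabin (exact below 3.3e24, far beyond the toy group)."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for p in bases:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        y = pow(a, d, n)
        if y in (1, n - 1):
            continue
        for _ in range(r - 1):
            y = y * y % n
            if y == n - 1:
                break
        else:
            return False
    return True


def safe_prime_from(start: int) -> int:
    """First N = 2q + 1 at or above start with both q and N prime."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1


# Toy group, an assumption for this example: a ~64-bit safe prime found at import
# time, with g = 2 (order q or 2q in a safe-prime group). Real deployments use the
# 2048-bit or larger groups from RFC 5054; nothing below depends on the size.
N = safe_prime_from(1 << 62)
g = 2
NLEN = (N.bit_length() + 7) // 8


def H(*parts: int) -> int:
    """SHA-256 over the big-endian encodings of the given integers, as an int."""
    h = hashlib.sha256()
    for p in parts:
        h.update(p.to_bytes(max(NLEN, (p.bit_length() + 7) // 8), "big"))
    return int.from_bytes(h.digest(), "big")


def derive_x(salt: bytes, password: str, secret_key: bytes) -> int:
    """Client-side SRP secret x: PBKDF2 of the memorised password XOR'd with an
    HKDF expansion of the high-entropy, client-held "secret key" (the pepper the
    comment describes). Simplified illustration, not AgileBits' exact scheme."""
    pw_part = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, 32)
    prk = hmac.new(salt, secret_key, hashlib.sha256).digest()        # HKDF-Extract
    sk_part = hmac.new(prk, b"srp-x\x01", hashlib.sha256).digest()    # HKDF-Expand, 1 block
    return int.from_bytes(bytes(a ^ b for a, b in zip(pw_part, sk_part)), "big")


def enroll(password: str, secret_key: bytes) -> dict:
    """Enrollment: the server stores only a salt and the verifier v = g^x."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "v": pow(g, derive_x(salt, password, secret_key), N)}


def authenticate(record: dict, password: str, secret_key: bytes) -> dict:
    """One SRP-6a round trip; both roles run here so every message is visible."""
    k = H(N, g)
    # client -> server: A = g^a (the password and secret key stay on the client)
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)
    # server: reject a degenerate A, then reply with salt and B = k*v + g^b
    if A % N == 0:
        raise ValueError("client A is zero mod N")
    while True:
        b = secrets.randbelow(N - 2) + 1
        B = (k * record["v"] + pow(g, b, N)) % N
        if B != 0:
            break
    u = H(A, B)                               # scrambling parameter, both sides
    # client: recompute x locally, derive the session key, prove it with M1
    x = derive_x(record["salt"], password, secret_key)
    S_c = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    K_c = H(S_c)
    M1 = H(A, B, K_c)                         # client -> server
    # server: same key from A and the stored verifier alone; M2 proves it back
    S_s = pow(A * pow(record["v"], u, N) % N, b, N)
    K_s = H(S_s)
    server_ok = hmac.compare_digest(M1.to_bytes(32, "big"),
                                    H(A, B, K_s).to_bytes(32, "big"))
    M2 = H(A, M1, K_s) if server_ok else None  # server -> client
    client_ok = server_ok and M2 == H(A, M1, K_c)
    return {"server_ok": server_ok, "client_ok": client_ok, "same_key": K_c == K_s}


if __name__ == "__main__":
    sk = secrets.token_bytes(32)              # constructed client-held secret key
    rec = enroll("correct horse battery staple", sk)
    print(sorted(rec), authenticate(rec, "correct horse battery staple", sk))
    print(authenticate(rec, "wrong password", sk))
```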

~~~
grimborg
Thanks! I am so glad to see I was wrong on this!

------
darrmit
I'm glad to see this getting more attention because it has been brewing for
months and 1Password is essentially doing what they promised they wouldn't -
forcing users to the subscription/online model by phasing out support for
local vaults.

I'm not mad at the subscription. I'd pay them the few bucks a month happily
for what is an excellent application cross-platform. I AM mad at the forced
cloud sync.

My current plan is to keep using 1PW 4 on Windows as long as possible and then
re-evaluate when I absolutely have to. KeePass is a close alternative, but
nowhere near as polished at this point.

~~~
m3Lith
Polished as in having a more "modern"/user friendly UI? I'd say the UI is the
least important part of a password manager. Especially if you use an extension
for autofilling/autosaving, you barely ever see it.

Anyways, there is a more stylish web UI for Keepass:
[https://keeweb.info/](https://keeweb.info/)

~~~
darrmit
No, polished as in a functional browser integration and mobile app. For
example, 1Password can fill in specific apps on iOS whereas I haven't found a
KeePass app that can.

Small things, but "polish" nonetheless.

Have used KeeWeb and it's great.

------
archagon
Over time, it's become clear to me that the only business model with true
longevity is open source. When I was first looking into password managers
several years ago, I wanted something very simple: an iOS tool that could
securely and locally encrypt a data blob with a memorized master password.
1Password did this job well for many years. Unfortunately, as with many App
Store offerings, the pressing need for Agile Bits to _grow_ has distorted the
fundamental nature of the product. I was first alarmed when they added TouchID
authentication: a seemingly innocuous feature, but one that necessarily stored
your master password somewhere other than your head. (Fortunately, this was
disabled by default.) Subsequently, features got added that stored your data
on remote servers and even required you to send your master password over the
web. I ignored this for the most part, but recent talk of this becoming the
_only_ use case for 1Password has put me on red alert. It's evidently time for
me to start looking into OSS alternatives for my password manager, just as I
have with a number of other tools in recent years.

Unfortunately, it seems that many companies these days are more interested in
developing services rather than deftly solving specific user problems. Whether
or not this is financially sound, it's an ongoing assault on my workflow. I
can't live in fear of every utility on my system pivoting to a new business
model! Fundamental software needs to be stable, and there's a good reason why
most of our essentials (compression, video playback, web browsing, etc.) are
free and open source.

Going forward, I hope we discover more ways to collectively fund open source
software projects, large and small, because everything else is just an IOU for
another future shakeup.

------
malchow
I totally missed this switch by AgileBits. Does anyone know how to ensure that
the data file continues to be synced to Dropbox or iCloud, not AgileBits?
(Looking into my configuration, it would appear that AgileBits has silently
moved my data from iCloud to the AgileBits cloud.)

EDIT: Found: [https://support.1password.com/sync-with-dropbox/](https://support.1password.com/sync-with-dropbox/)

~~~
eridius
> _Looking into my configuration, it would appear that AgileBits has silently
> moved my data from iCloud to the AgileBits cloud_

How could that possibly happen? Local vaults can't just silently turn into
cloud vaults, and you need a subscription license to use cloud vaults anyway.

~~~
Johnny555
_How could that possibly happen? Local vaults can't just silently turn into
cloud vaults,_

Why not, all they'd have to do is copy the local vault to their cloud service
and you'd never notice until you discover that the local file you're syncing
somewhere else no longer contains your new passwords.

I'm not saying they've done this, but they could.

~~~
eridius
You're confusing what's theoretically possible with what they're actually
doing. You asserted that they did something that they categorically _do not
do_, and are trying to defend it by saying "but they could!".

I don't understand why you're doing this though, unless you're trying to
intentionally create FUD around 1Password.

~~~
Johnny555
You asked "How could that possibly happen". I gave an answer for how that
could possibly happen.

~~~
eridius
Not very helpful. I wasn't asking you to theorize on how AgileBits could
change 1Password in the future to do that. Rather, I was expressing skepticism
that events happened as you described (e.g. that 1Password just arbitrarily
decided to convert local vaults to cloud vaults without any instruction from
you).

------
StavrosK
This is only tangentially related, but I believe it's time to have a unified
login standard for the web. Not in the OAuth sense, as that's hard to do, but
just a small, machine-readable file that tells your password manager "to log
this user in, just submit credentials to /whatever/url/".

That way, your password manager would show a "login" button on the browser's
toolbar when you visited _any_ page in a site, you'd click it, and you'd be
logged in (or possibly be asked for a two-factor code or be redirected to a
two-factor page) immediately and certainly.

Is there anyone here who's working on a password manager who'd like to develop
this with me? I've been wanting to write a spec and Django/Python
implementation of it.

~~~
jimktrains2
> just submit credentials to /whatever/url/".

No, No. We shouldn't send credentials to anywhere. We should be using things
like client certs or SRP. We need to solve the UI and UX problems and actually
create better systems, not keep patching over the same broken system.

~~~
StavrosK
Do you want a marginal improvement that many people might use, or a perfect
system that nobody will?

~~~
jimktrains2
I don't consider something that remembers the login URL for a site (which most
password managers can store) a marginal improvement at all.

Also, "marginal improvement that many people might use, or a perfect system
that nobody will?" is a false dichotomy. I'm saying we should make better
systems (not perfect ones) easier to use.

~~~
StavrosK
> I don't consider something that remember the login URL for a site (which
> most password managers can store) a marginal improvement at all.

Me neither, that's why I proposed a system that will allow your password
manager to log you in automatically with a single click instead, with a
trivial change to the server (a file with some information).

> I'm saying we should make better systems (not perfect ones) easier to use.

Having seen how little adoption Persona, which was pretty much perfect, got, I
don't think the problem is usability.
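jimktrains2's suggestion above is SRP. As an added example for this page (not code from any commenter, and not taken from any password manager or SRP library), here is a complete SRP-6a exchange with the client and server sides in one process. The 64-bit safe prime it generates at import time is an assumption made so the example runs instantly and is far too small for real use; a deployment uses a fixed RFC 5054 group of 2048 bits or more. The identity, password and 16-byte salt are illustrative.

```python
"""SRP-6a login exchange, both sides in one process.
The server stores only (identity, salt, verifier). The password never leaves
the client, and a stolen verifier alone does not let an attacker log in.
Group size here is a toy; use an RFC 5054 group in practice."""
import hashlib
import hmac
import secrets

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic below 3.3e24 (we stay < 2**64)."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(bits: int) -> int:
    """Find N = 2q + 1 with q and N both prime, as SRP requires."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


def generator(n: int) -> int:
    """Smallest g generating all of Z_N^* (order 2q: g^2 != 1 and g^q != 1)."""
    q = (n - 1) // 2
    return next(g for g in range(2, n) if pow(g, 2, n) != 1 and pow(g, q, n) != 1)


N = safe_prime(64)            # toy-sized group, illustration only (assumption)
g = generator(N)
NLEN = (N.bit_length() + 7) // 8


def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def pad(x: int) -> bytes:     # fixed-width encoding so both sides hash identical bytes
    return x.to_bytes(NLEN, "big")


def to_int(b: bytes) -> int:
    return int.from_bytes(b, "big")


k = to_int(H(pad(N), pad(g)))  # SRP-6a multiplier parameter


def private_x(identity: str, salt: bytes, password: str) -> int:
    return to_int(H(salt, H(f"{identity}:{password}".encode())))


def enroll(identity: str, password: str) -> dict:
    """Runs on the client once; only the returned record goes to the server."""
    salt = secrets.token_bytes(16)
    v = pow(g, private_x(identity, salt, password), N)
    return {"identity": identity, "salt": salt, "verifier": v}


def proof_m1(identity: str, salt: bytes, A: int, B: int, K: bytes) -> bytes:
    hn_xor_hg = bytes(a ^ b for a, b in zip(H(pad(N)), H(pad(g))))
    return H(hn_xor_hg, H(identity.encode()), salt, pad(A), pad(B), K)


def run_login(identity: str, password: str, record: dict) -> bool:
    """One full exchange; True only if both sides prove the same session key K."""
    # client -> server: identity and A = g^a
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)
    # server: must reject A == 0 (mod N), then answer with the salt and B
    if A % N == 0:
        return False
    b = secrets.randbelow(N - 2) + 1
    B = (k * record["verifier"] + pow(g, b, N)) % N
    # client: must reject B == 0 (mod N) and u == 0 before using them
    u = to_int(H(pad(A), pad(B)))
    if B % N == 0 or u == 0:
        return False
    x = private_x(identity, record["salt"], password)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    K_client = H(pad(S_client))
    M1 = proof_m1(identity, record["salt"], A, B, K_client)
    # server: its S uses only the stored verifier, never x or the password
    S_server = pow((A * pow(record["verifier"], u, N)) % N, b, N)
    K_server = H(pad(S_server))
    if not hmac.compare_digest(M1, proof_m1(identity, record["salt"], A, B, K_server)):
        return False          # wrong password: the server learns nothing more
    M2 = H(pad(A), M1, K_server)
    return hmac.compare_digest(M2, H(pad(A), M1, K_client))
```

The two zero checks and the constant-time proof comparisons are the parts implementations most often skip; without the check on B, a malicious server can force a predictable session key, and without the check on A a client can do the same to the server.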

------
laurencei
I have 1Password and I love it.

But my biggest fear is: if my laptop was ever pwned in some way, due to some
novel 0-day etc., then everything stored in 1Password could be compromised.
But more importantly, the hackers would have an address book of banks,
servers, databases etc. that I have access to.

I don't know if there is a solution, but I feel it is like putting all your
eggs in one basket.

~~~
andreineculau
you would still need to use your master password to unlock the vault

------
pc86
Does anyone know anything about Dashlane? I had a free commercial account from
a previous employer and it seemed nice, other than the popup every time you
logged in to an unknown website asking you to save your credentials. I'm
pretty sure that was configurable, though.

I don't see Dashlane spoken about much in these conversations (I have no
affiliation).

~~~
6ak74rfy
From all the discussions that I have seen here on Hacker News or on Reddit, I
don't think Dashlane is popular.

~~~
pc86
I think whether or not it's "popular" is orthogonal to whether or not it works
well and is secure.

------
chiefalchemist
Question: When you add additional hardware (e.g., Yubikey) how does that
affect the integrity (?) of your PWM (e.g., LastPass)?

I'm comfortable (in a I have no choice sorta way) that there is always some
risk. Therefore, my next best choice is to mitigate that risk as much as
possible. Obviously nothing is perfect, but it seems that using a Yubikey (or
similar) raises the bar pretty high.

Yes? No?

p.s. Does anyone know of the legal implications of a Yubikey? That is, can a
court order you to turn it (and PW) over? Or is there some protection from
such things?

Note: I'm not doing anything nefarious. I'm just wanting to lower my sec
risks, as well as maintain a respectable level of digital liberty.

------
nomagicbullet
I've never seen a corporate post with more comments by employees than the one
where 1Password tries to explain their subscription model [1]. It makes it
look like they want to bury non-company comments.

And I am a current 1Password customer and had been for years, but that post
doesn't inspire confidence in me.

[1] [https://blog.agilebits.com/2017/07/13/why-we-love-1password-memberships/](https://blog.agilebits.com/2017/07/13/why-we-love-1password-memberships/)

------
oxguy3
> And anyhow I'm obviously a lame-ass hypocrite because I use the 1Password
> Chrome plugin to fill in forms for me, and this means I type the master
> password into a browser.

Actually, you don't. When you click the 1Password button in your browser, it
sends a request to the 1Password app on your computer via localhost, which
then opens a pop-up for you to enter your password. You're entering it in the
1Password app, not in Chrome.

------
peterkshultz
Any password manager recommendations such that people don't need to deal with
1Password's cloud-based storage?

~~~
kebolio
[https://www.passwordstore.org/](https://www.passwordstore.org/)

command-line, encrypts passwords with gpg, synchronises using git and by
default only copies the password to the clipboard and automatically wipes the
clipboard after a minute

~~~
ufo
Last time I checked this it would store metadata about the passwords in plain
text (file and directory names). Did that get fixed yet?

~~~
roddhjav
This "issue" has been fixed with the pass extension 'pass-tomb', which keeps
the whole tree of passwords encrypted inside a tomb.

See [https://github.com/roddhjav/pass-tomb](https://github.com/roddhjav/pass-tomb)

------
markroseman
In 1Password's case, I understand their desire to switch over to subscription
pricing, and also have some sympathy with the notion that moving people to a
cloud-based model reduces confusion and complexity (including their support
costs). I also have no doubt that they now intend to take security as
seriously in the future as they have in the past.

Beyond the not-insignificant risks of them screwing up, despite the best of
intentions, there's nothing that prevents a change of company
direction/priorities that could greatly increase the risk of a significant
security breach. New senior people get brought in, crises happen that lead to
poor decisions for financial or other reasons, and companies get sold to
people who may well have completely different priorities.

------
lifeisstillgood
It feels like a comparison of the available options out there is something
"useful to the world".

I am not too sure how to do that but would value comments from people who have
used open source password managers, or even read the code!

Shall we?

My assumptions for this list of recommended apps are, at minimum:

\- a single file in a well-known format is stored on a cloud service, and can
be read / updated from different devices and platforms

\- as this is encryption, we prefer open source code and trusted binary makers

My experience:

I use pwSafe on iOS (binary from some random guy). This backs up to Dropbox.

I have a python script based on pypwsafe3 that can read the file on Linux. I
have not yet tried bi-directional.

I know pwSafe is based on Schneier's windows version, but frankly I have not
tried to find the code or validate the binary.

So - is it worth building some kind of knowledge base here?

------
guelo
Against all recommendations I reject all password managers. I feel like all
security software is eventually compromised, most frequently by business folks
as in this case. Instead I use a tiny notebook that I keep in my wallet. I
pick long 12+ character passwords myself, not super randomized but I haven't
heard of a brute forcing attack in a long time. It allows me to easily meet
weird password requirements. I feel pretty secure that it's not on a computer.
Admittedly I also use Firefox's password manager to avoid typing them in all
the time. I trust Mozilla for now, though I wouldn't be surprised if they are
eventually compromised as their market share goes down.

~~~
JoshTriplett
> Instead I use a tiny notebook that I keep in my wallet.

So, if your wallet gets stolen or lost, you'll have to go through every site
you use and change all your passwords, quickly, and hope that whoever has that
notebook hasn't taken over your accounts in the interim?

Also problematic if you travel, and don't particularly want to make that list
of passwords available.

~~~
zokier
I used pen and paper password management for a while (I use keepass these
days), so I'll defend it a bit.

1) I used practically exclusively my desktop at the time, so the password slip
stayed home

2) My home was a relatively safe place; I didn't really have guests or other
people mingling around and burglary was basically unheard of in the area. My
threat model did not include defending against law enforcement.

3) Paper _is_ literally unhackable (with software), and it is trivial to
understand that. I considered keyloggers to be a game-over situation anyway.

4) I always used secure password generator to create the passwords

5) I felt at the time that paper was more safe against catastrophic data loss
(either due software or hardware failure)

6) Paper works universally crossplatform without needing any syncing.
Multibooting and reinstalling different OSes etc did not impact my passwords

7) I wasn't confident in my ability to evaluate software password managers and
especially in establishing secure usage patterns for them

With these points I still feel like the decision to use "paper under keyboard"
was pretty well justified and reasonably secure. Most importantly it enabled me
to make the huge leap forwards from previous really insecure methods. Of
course there are many reasons why you wouldn't want to use paper, some of them
implied in above points.

I would never carry my password-slip with me on a regular basis, that seems
just foolhardy, so that is the main difference between past me and OP.

~~~
conorcleary
I don't think you can defend against the redundancy that digital password
managers, whatever format, provide. However, if you Xerox your paper...
Yeah... But, you must get my point.

------
bsilvereagle
Encryption Wizard [1] solves issues 1-4, but is severely lacking on #5 (device
syncing). It also has no mobile support.

I've performed a cursory search to see if any OSS password manager comes close
to EW on features, but didn't find anything:

* Supports CAC encryption/decryption

* Allows you to store contacts public certs

* Allows keys to decrypt

* Generates passphrases

* Allows multiple keychains to be opened at once

If anyone is looking for a (probably not profitable) OSS project/business, I
would pay probably upwards of $100 for a perpetual/source available license
for an Encryption Wizard clone with a mobile client & some built-in support
for syncing.

[1] [https://www.spi.dod.mil/ewizard.htm](https://www.spi.dod.mil/ewizard.htm)

~~~
rkeene2
hunter2 supports using DOD CACs (or any other smartcard) to encrypt and share
passwords. In hunter2, users are identified by their public keys. Each
password can be shared with any user by any user that can decrypt that
password.

The DB used is a flat, sorted, text file so it can be stored in a version
control system.

[https://chiselapp.com/user/rkeene/repository/hunter2/](https://chiselapp.com/user/rkeene/repository/hunter2/)

I'm interested in taking you up on your offer for an app-ified version. How
should I proceed?

~~~
thanatropism
The reference:

[http://www.bash.org/?244321](http://www.bash.org/?244321)

------
santiagobasulto
Completely irrelevant to this post. A long time ago I was in an Android
"workshop" in one of these Google conferences and I saw a tall guy with a
cowboy hat and slippers walking around and talking to people. I thought to
myself, "what a funny guy". We chatted for a little while and I didn't know if
he was a "Google evangelist" (those that can talk tech but can barely code) or
if he was just serving coffee (he was super humble and relaxed). Then I
learned that was Tim Bray, one of the "creators" of XML. I never
underestimated anyone anymore (I was young and stupid, sorry).

------
raverbashing
I use password managers, but I think the usual way of thinking about them is
wrong

Besides password reuse being not recommended, the main issue is: most websites
don't give an eff about whether they store your password correctly or not

It's a trust asymmetry, they ask you to provide a password (and most ask one
with a lot of BS restrictions) THEN md5 it and put it on the database, or
worse

And as said by the article (and implied by the above paragraph), there are
better ways of obtaining someone's password - pwd managers are not the weakest
link, at least not now

~~~
cjCamel
Do you mean this: [https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/](https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/)?

------
Sweetlie
I'm surprised nobody cited lesspass,
[https://lesspass.com/#/](https://lesspass.com/#/)

Nobody stores your password, it's purely stateless; you can access the software
from the official website, your own website, a web plugin, or the terminal.

see this blog: [https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4](https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4)

~~~
rockostrich
HN has some problems with it:
[https://news.ycombinator.com/item?id=12889807](https://news.ycombinator.com/item?id=12889807)

I use it and enjoy it. Most of the complaints have to do with there only being
1 master password and being able to crack it if one of your passwords is
compromised which doesn't bother me since I use a sufficiently long master
password.
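The complaint rockostrich summarises (one master password, and one leaked site password is enough to attack it offline) is easiest to see in code. The block below is an added example written for this page, not LessPass's algorithm or code: a simplified PBKDF2-based stand-in for a stateless scheme of the kind the linked post describes, plus the offline attack against it. The `device_secret` parameter is my addition to show what a high-entropy value held on the user's devices would change; the wordlist, the master password, the site, the login and the hex secret are all constructed for the demo.

```python
"""A stateless, deterministic site-password scheme and the attack it invites.
Nothing is stored: password = KDF(master, site, login, counter), rendered into
an alphabet. The flip side: anyone holding one site password (say from a site
that stored it in the clear) can test master-password guesses offline against
it, with no vault to steal and no server to rate-limit the attempt."""
import hashlib
import string
from typing import Iterable, Optional

ITERATIONS = 100_000      # PBKDF2 cost per derivation: the only brake on guessing
ALPHABET = string.ascii_letters + string.digits


def site_password(master: str, site: str, login: str, counter: int = 1,
                  length: int = 16, device_secret: bytes = b"") -> str:
    """Derive the password for (site, login, counter) from the master password.

    device_secret is NOT part of the stateless scheme; it is an optional
    high-entropy value kept on the user's devices, mixed in here only to show
    what it changes for the attacker."""
    salt = f"{site}{login}{counter:x}".encode()
    key = hashlib.pbkdf2_hmac("sha256", master.encode() + device_secret,
                              salt, ITERATIONS, 32)
    n = int.from_bytes(key, "big")
    chars = []
    for _ in range(length):           # render the 256-bit key as base-62 text
        n, idx = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[idx])
    return "".join(chars)


def crack_master(site: str, login: str, leaked: str,
                 guesses: Iterable[str]) -> Optional[str]:
    """Offline attack: re-derive with each guess until one reproduces the leak.
    The attacker knows site, login and counter (they are not secret), so the
    only unknown is the master password."""
    for guess in guesses:
        if site_password(guess, site, login) == leaked:
            return guess
    return None


# Constructed wordlist standing in for the top entries of a real cracking list.
WORDLIST = ["password", "123456", "qwerty", "letmein", "dragon", "monkey",
            "iloveyou", "Tr0ub4dor&3", "welcome1", "Passw0rd!"]


def demo() -> dict:
    """What the attacker recovers from one leaked site password, with and
    without a device-held secret in the derivation."""
    master = "Tr0ub4dor&3"                   # weak master: it is on the list
    secret = bytes.fromhex("6f1d3a9c2b8e47d0a5c3e1f2b4d6a8c0")  # constructed
    leaked = site_password(master, "example.com", "alice")
    leaked_with_secret = site_password(master, "example.com", "alice",
                                       device_secret=secret)
    return {
        "recovered": crack_master("example.com", "alice", leaked, WORDLIST),
        "recovered_with_secret": crack_master("example.com", "alice",
                                              leaked_with_secret, WORDLIST),
    }
```

Each guess costs one PBKDF2 run, tens of milliseconds on one CPU core at this iteration count and far less per guess on a GPU, so a master password that appears in a wordlist of a few million entries falls in hours. Since the scheme has no state by design, the defences are a master password well outside any wordlist, or giving up pure statelessness and adding something like `device_secret` that the attacker cannot guess.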

------
zeta0134
"2\. In­stall a cam­era any­where I work and fo­cus it on my hand­s"

I feel like we need to be talking about this more. For all the hullabaloo
concerning password strength and encryption key length, MANY of our secret key
entry methods would be quite easily defeated by a common webcam and a pair of
human eyeballs.

That's kind of scary! It's not about to make me stop using passwords, but it
is going to make me stop and think before I log into anything in a coffee
shop.

~~~
kej
It's even worse than that. Recent studies have been able to reproduce the text
you type by analyzing the sounds emitted by the keyboard[1] and even the
ripples produced in the local wifi signal.[2]

[1]
[https://en.wikipedia.org/wiki/Acoustic_cryptanalysis](https://en.wikipedia.org/wiki/Acoustic_cryptanalysis)
[2]
[https://www.sigmobile.org/mobicom/2015/papers/p90-aliA.pdf](https://www.sigmobile.org/mobicom/2015/papers/p90-aliA.pdf)

------
malchow
Is it still the case that the 1Password Master Password is never transacted
over the web, even on 1Password.com? The encrypt/decrypt is done in the
browser?

~~~
quacker
It was my understanding that the "secret key" never goes over the network. The
secret key is generated locally, never sent over the network, and vaults are
encrypted/decrypted locally.

------
wdr1
What I don't understand is: why isn't it the responsibility of the browser?

The browser can verify who am I, likely in a more rigorous way than a
password.

The browser can already handle interaction with the server on behalf of the
user.

Sure, the user flow would need to be sorted out (e.g., to confirm the user's
intent), but it seems much better than the current system we've been using
since the days of .htaccess.

------
FabioFleitas
Are there any good password managers that don't enforce going to the cloud,
but work nicely with larger teams? A few people in the comments are
recommending using keepass with a shared Dropbox file, but that doesn't work
as well when you want different people having access to different passwords on
teams.

Anyone know of a good alternative to 1Password or LastPass for teams?

~~~
dbg31415
> Anyone know of a good alternative to 1Password or LastPass for teams?

Those are the only two that I have used with teams. I like both of them;
certainly having a password manager is better than not having a password
manager... LastPass gets so much right for teams. It's still what we use at
work as a result. It's not perfect, but I'm not willing to move my team off it
for something that is marginally better in one area, and less good in 4
others.

Waiting for a clearly better solution and haven't found one yet.

------
corybrown
I've moved from LastPass to KeePass, but the biggest thing I miss from
LastPass (other than the better browser integration) is a good CLI client.
Lastpass-cli is great, and kpcli just isn't.

Anyone have a recommendation for a good CLI client that isn't `pass`? (I don't
want to deal with GPG)

~~~
bndw
Pick[1] is a CLI password manager that I've been working on for a couple
years. There is no browser or mobile support, however.

[1] [https://github.com/bndw/pick](https://github.com/bndw/pick)

~~~
lazard
Nice! Looks similar to Seal [1] (also written in Go). I just added a link to
Pick under related work.

[1] [https://github.com/davidlazar/seal](https://github.com/davidlazar/seal)

------
akurilin
Any alternatives to 1Password / LastPass that support Google's SSO? I tried
TeamsID before and it was ok but not nearly as feature-full as I was hoping:
e.g. no automatic auto-fill on the page you land on, no password generation
for new websites.

------
nthcolumn
The single point of failure is my own memory. I never commit passwords to
anything else. Frequent user of password recovery for online sites. Will never
use a password manager trojan for obvious reasons imho.

------
heisnotanalien
I get your point but the truth is if the government REALLY wants your data
then they're going to get it. It's not hard to install a physical keylogger
for example and you'd never notice.

------
deedubaya
I thought 1Password confirmed that the cloud based storage is the default for
new users -- existing and more security conscious users can still use whatever
data store they choose?

------
nicktrocado92
What do you guys think of keeper [1]?

[1] [https://keepersecurity.com/vault/](https://keepersecurity.com/vault/)

------
bokglobule
Frankly I think people are insane to use any of these password manager
products, whether SaaS or local. You're trusting a 3rd party to exercise
control over your most sensitive digital information. Since the majority of
people on HN are developer-types, you'd think "we" would write a little code,
if necessary, for ourselves to make it easier to remember passwords. Basically
a little DIY.

IMO, this will end badly.

~~~
conorcleary
By responding to this comment, I increase my chances of being victimized by
some percent. By disagreeing with you within my reply, I increase it further.
By listing and drawing attention to my comment 'almost deliberately', it
probably raises the 'rate' of increase. Using a paragraph much longer than
this point will draw further scrutiny.

A password manager is good<>great [the] most<>majority of the time. By drawing
attention to yourself in a manner as small as this or as largely as describing
my exact setup and process, I should start to worry for myself and my digital
security. By stating that locks are meant for honest people I should be able
to draw in some agreement by readers of this comment. Any and all of these
points will raise me out of the 'crowd' of password manager users and paint me
some shade of a target to malicious activity.

However, I believe that notwithstanding the above information, the average
user is 99<>100% safe using a password manager in best practice settings.

------
reiichiroh
Does anyone know the state of LastPass for Applications which would be
installed locally onto Windows?

------
amelius
If only I had a keyboard with an NFC chip, and some password software on my
phone ...

------
ctingom
I'm still using 1Password Version 3.8.22 on my Mac. Should I upgrade?

------
xoa
I agree with where he's coming from overall. Password managers [1] are a very
important practical security measure that general users should be utilizing
for the foreseeable future, and one where a good UI (as 1P and other
commercial ones offer) is a genuine _security_ feature, not just a nice-to-
have, because their security implications are directly tied to how much users
utilize them. That means while technical users will always have solid OSS
solutions no matter what, it's worth paying attention to what major
proprietary ones are doing too. This shouldn't be dismissed purely because
KeePass variants or whatever exist.

And I definitely don't like the business incentives subscription models
generally create when it comes to standalone software development (as opposed
to a server-based service), and so far the major moves to them I have
experienced (such as Adobe's) have reinforced my concerns. While in the short
term individual personalities can of course do whatever, I think in the medium
to long term it's very hard for development direction to stay divorced from
whatever the direct economic incentives of the business model are. In turn
thinking about that is one of the more important factors in thinking about to
what degree a company can be depended on over the years. Because:

1\. Humans have a strong tendency to favor the status quo unless there is a
disruption (HN crowd likely deals with this frequently, such as with the
immense power of defaults in UI design).

2\. Low constant noise triggers less consideration than occasional larger
spikes, even if the former adds up to more in the same time period.

3\. There is direct loss associated with stopping.

4\. Lock-in increases.

Subscriptions are well known to be a lot stickier and less sensitive to
stagnating software, pricing changes, etc., than per-version purchases are.
Companies can put out "being able to focus on the longer term!" but
fundamentally subscriptions remove a significant form of customer-oriented
hard discipline and incentives. Some devs might be able to continue the same
without it, but many clearly cannot. And I want to emphasize that this isn't
at all necessarily because of any maliciousness or even greed, no "haha now we
have them where we want them". It's just that a lot of humans will lose focus
without some sort of hard-to-subvert, reasonably fast outside feedback loop.
Subscriptions also encourage feature development and testing towards a single
vertical ecosystem, even if other approaches would be perfectly viable.

AgileBits says they're keeping standalone licenses, but I see nothing about
reasonable feature parity. I also agree that one of the best ways to assuage
concerns is full honesty, including acknowledging obvious conflicts of
interest, and in that light I agree it would have been valuable to see at
least something about how this boosts their revenue, and how they're aware of
the risk of making standalone licenses second class citizens and will watch
for it. They've been a solid company and made a solid product overall however,
so I'm willing to give them the benefit of the doubt here for now. It'd be a
shame if they ultimately do go sub-only at some point, even if data can be
trivially dumped to other programs.

Maybe by that time though progress will be made on finally getting websites
away from password authentication entirely and in turn PMs can be rendered
mostly a historical artifact.

As an aside, though I think this blog is aimed at a general audience there
are a few misunderstandings that are significant, since they're not that
complex but feed misunderstandings. For example:

> _In the 1Password app 's sync model, however, one assumes they use the
> pretty-secure HTTPS-based APIs for each of these products, machine to
> machine, no JavaScript in the loop._

The author himself correctly states that in 1Password's (or KeePass or any other
client based encrypted database setup) case they're using purely offline-app
endpoint encryption, and part of the entire point of that is that the
transport mechanism is irrelevant. There is no need to trust anything beyond
what exists on the endpoint. This matters because it relates to some of the
other concern points he raises, not just cloud storage location but for
example "backdoor code in a future 1Password app release that sends the
goodies to the enemies". An endpoint password manager that allows abstracting
sync from the application itself, at least optionally, in turn can be isolated
from any net access (and/or any attempts monitored) which reduces that threat
profile as well.

\----

1\. Effectively a mediocre reimplementation of public key auth on top of
90s-era website authentication practices that have proved sticky.

------
dawnerd
1password should just release a paid (subscription even) self-hosted version.
They already have the domain bit in their apps, I can't imagine it being too
much effort to work with any host.

------
blubb-fish
i don't want to repeat myself ... but Bruce Schneier's PasswordSafe and only
Bruce Schneier's PasswordSafe is the real deal!

------
draw_down
Sure they haven't disabled the ability to keep your own password vault. It
would be ruinous to do so at this point, even if they wanted to. But I think
the writing on the wall is awfully legible.

------
netrap
How can you talk about 1Password but not KeePass?

~~~
Spivak
Because he's specifically talking about web based password managers.

~~~
tripzilch
Mods should fix the title then, I could have skipped this article.

------
ss248
Password managers are the definition of "putting all your eggs in one basket".
You need to compromise 1 (ONE) password to get access to EVERYTHING. They are
a lot more convenient, but barely more secure than a plaintext notepad file.
And some people are actually storing bank accounts and credit card info there.
This is insane to me.

~~~
beisner
It is exponentially easier to practice good security hygiene for exactly one
password than it is for the 200 or so passwords/sensitive numbers I keep track
of in my password manager. Maybe you are extremely disciplined and can
remember 200 unique passwords/passphrases each with 100+ bits of entropy and
are (effectively) mutually independent, but alas I cannot, and neither can the
billions of people who use the same 8 character password for every account.
The best I can do is remember 1 high-entropy password that I change regularly,
and have the password manager keep track of 200 other highly-entropic unique
passwords.

My point is that having a single point of failure maybe theoretically isn't as
good as having a bunch of passwords, but in practice nobody has the discipline
to actually maintain good security hygiene, and thus it is practically more
secure to use a password manager than it is to have a bunch of different
passwords that are either the same or closely related.

~~~
ss248
The biggest problem is that password managers give the layman a false sense of
security and by doing so, they are putting him at much bigger risk than he was
before. Most advertisements are basically implying "Use password manager and
you don't have to worry about losing your accounts". This is wrong on so many
levels.

People should be aware that password managers are just a glorified notepad file
with one password. And after an attacker compromises the password manager, he not only
gets your passwords (lesser evil), he also gets all information about your
accounts (huge problem). This is a pretty big deal. He doesn't need to search
where you are registered, manager will tell him everything he wants to know.
Possible damage is massive. Even if you reuse one weak password everywhere
(worst case of password security), he doesn't get that amount of information
after successful attack.

And I really doubt you actually need "200 unique passwords/passphrases each
with 100+ bits of entropy". Btw, do you know why password needs to have high
entropy? It's not to stop attacker from brute-forcing login page (nobody is
doing it in 2017), it's to make it harder to crack password hash, in case he
gets it. There is no point in using extremely strong unique passwords on
accounts you don't care to lose. Even worse, by using 200 unique passwords
with passmanager, in case attacker gets your one master password, manager will
tell him about every single account you have. By storing a lot of info there,
you are just increasing amount of damage you will receive after being
compromised.

The whole system security is as strong as the weakest link in the system. It
doesn't matter, if every single password is unique with 100000+bits of
entropy. It all comes down to your one master password.

