
LastPass would have also led their customers to believe that "brute forcing was not possible" and that they were taking extraordinary measures to keep vaults and data safe.

I think one distinction between services like KeePass and 1Password is end user perception of how easy it is for an attacker to acquire an encrypted vault to begin with. For many, they consider a KDBX database sitting in their Dropbox account to be less likely to be stolen than an encrypted vault being held by a company like 1Password, a high value target to the most sophisticated attackers including state actors.



Doesn't necessarily matter what LastPass "would have also led their customers to believe", the mathematical reality is still that LastPass vaults are crackable in a way that 1P vaults fundamentally are not.
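
The distinction the comment above draws can be made concrete. The following is an added example, not code from this thread or from 1Password or LastPass: it models, in the abstract, a vault key derived from the master password alone versus one that also mixes in a 128-bit secret held only on the user's devices, and then runs the same offline dictionary attack against both. The iteration count, salt, secret key, wordlist and key-check construction are all constructed for the demo and are not either product's actual parameters or format.

```python
import hashlib
import hmac
from typing import Optional

# Constructed example, not code from 1Password or LastPass. It models two
# key-derivation designs to show why a vault whose key depends only on the
# master password can be guessed offline once the ciphertext leaks, while one
# that also mixes in a high-entropy secret the server never sees cannot be
# attacked the same way.

ITERATIONS = 20_000  # assumption for the demo; real products choose their own
SALT = b"constructed-public-salt-0001"  # stored beside the vault, so the attacker has it
SECRET_KEY = bytes.fromhex("3a9f0c5d7e21b4c6d8e0f1a2b3c4d5e6")  # constructed 128-bit device secret
MASTER_PASSWORD = "correct horse battery staple"

# Constructed wordlist an attacker might try; the real password is in it on purpose,
# to show that a password-only KDF falls to a dictionary walk once the vault leaks.
WORDLIST = ["password", "letmein", "hunter2", "correct horse battery staple", "Tr0ub4dor&3"]


def derive_password_only(password: str, salt: bytes) -> bytes:
    """Model A: the vault key is a function of the master password and a public salt only."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)


def derive_with_secret_key(password: str, salt: bytes, secret_key: bytes) -> bytes:
    """Model B: the password-derived key is combined with a 128-bit secret held only on the
    user's devices. The combination here is an HMAC (HKDF-extract style), an assumption of
    this demo; the point is that the output is unpredictable without secret_key, whatever
    the password is."""
    pw_key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)
    return hmac.new(secret_key, pw_key, hashlib.sha256).digest()


def key_check_value(vault_key: bytes) -> bytes:
    """Stand-in for the encrypted vault: a value the attacker can test candidate keys against.
    Real formats hand the attacker an equivalent oracle (an AEAD tag, a known-plaintext header)."""
    return hmac.new(vault_key, b"constructed-vault-header", hashlib.sha256).digest()


def offline_dictionary_attack(kcv: bytes, salt: bytes, wordlist, secret_key: Optional[bytes]):
    """What a thief of the server-side ciphertext can do: iterate candidate passwords and
    test each derived key against the check value. secret_key is None for the
    password-only design; for the secret-key design it is whatever the attacker holds."""
    for candidate in wordlist:
        if secret_key is None:
            key = derive_password_only(candidate, salt)
        else:
            key = derive_with_secret_key(candidate, salt, secret_key)
        if hmac.compare_digest(key_check_value(key), kcv):
            return candidate
    return None


def attacker_work_factor(wordlist_size: int, secret_key_bits: int) -> int:
    """Worst-case guesses: the wordlist alone, or the wordlist times every possible
    secret key when the KDF also depends on a secret the attacker does not have."""
    return wordlist_size * (2 ** secret_key_bits)


def run_demo() -> dict:
    # The attacker has what a server breach yields: salt and ciphertext/check value,
    # nothing that lives only on the user's devices.
    kcv_a = key_check_value(derive_password_only(MASTER_PASSWORD, SALT))
    kcv_b = key_check_value(derive_with_secret_key(MASTER_PASSWORD, SALT, SECRET_KEY))
    return {
        # Model A: the leaked vault is enough; the dictionary walk recovers the password.
        "model_a_recovered": offline_dictionary_attack(kcv_a, SALT, WORDLIST, None),
        # Model B, attacker guessing the secret (all zeros here): nothing verifies,
        # even though the correct password is in the list.
        "model_b_wrong_secret": offline_dictionary_attack(kcv_b, SALT, WORDLIST, bytes(16)),
        # Model B, legitimate device holding the secret: same password unlocks it.
        "model_b_with_secret": offline_dictionary_attack(kcv_b, SALT, WORDLIST, SECRET_KEY),
        "work_factor_a": attacker_work_factor(len(WORDLIST), 0),
        "work_factor_b": attacker_work_factor(len(WORDLIST), 128),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The two designs use the same PBKDF2 call with the same iteration count; the difference in attacker cost comes entirely from whether the derived key depends on something the breach did not expose. Raising iterations only multiplies the per-guess cost, whereas the unknown 128-bit secret multiplies the number of guesses, which is the sense in which one vault is "crackable" and the other is not, assuming the secret really is never sent to the server.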


Yes, according to what 1Password is telling us. But as we've seen, what these companies say and what they actually do in practice are not always aligned. And oftentimes customers are inserting a lot of their own assumptions into the mix, not only with respect to vault encryption but vault storage and operational security.


> Yes, according to what 1Password is telling us

With their very comprehensive whitepaper and Charles Proxy you can verify all their claims. Their whitepaper is one of the best resources I have found on E2EE in general. With that, you should be able to write your own 1P vault parser. Then you can verify that traffic to their server is exactly what they claim it to be.

In another comment you are criticizing that their product is proprietary - that's IMO not quite true. Yes, 1P is closed source, but their crypto strategy is documented extensively - they list the exact cipher algos and settings.

> not only with respect to vault encryption but vault storage and operational security

That's a valid argument, BUT, if you read their whitepaper, you'll likely arrive at the conclusion that even a full leak of the encrypted vault is currently not that problematic. I wouldn't post it online, but I'm not worried if they announce a leak tomorrow.


All valid points!


> Yes, according to what 1Password is telling us. But as we've seen, what these companies say and what they actually do in practice are not always aligned.

That's just not accurate:

1. First off, all the encryption happens client-side. It is possible for anyone so inclined to validate how 1P and LP are doing their encryption.

2. The deficiencies in LP's encryption approach were well known for years.

My point is, yes, companies will spin things however they want, which is why you should completely ignore what they say and only evaluate what is verifiable. And 1P's and LP's approaches are verifiably different.


1Password's client side encryption is occurring within its proprietary, closed-source product, so I'm not sure how the end to end process can be completely validated.

With respect to your confidence in 1Password's code and encryption methodology, would you be willing to send me your 1Password vault so that I can have a look at it?


> 1Password's client side encryption is occurring within its proprietary, closed-source product

It's JavaScript running in a browser.

> With respect to your confidence in 1Password's code and encryption methodology, would you be willing to send me your 1Password vault so that I can have a look at it?

Yes, absolutely (note I don't actually know how to get the encrypted version of the vault standalone). Are you willing to send banking information over HTTPS? It's the same level of security.


> Yes, absolutely (note I don't actually know how to get the encrypted version of the vault standalone).

I believe that, given that it's just JavaScript in the browser, the encrypted vault should be available as a blob in one of the network requests when you are making a change to the vault.

> Are you willing to send banking information over HTTPS? It's the same level of security.

Maybe I'm being irrational, but I just think there is a fundamental difference in the risk profile between a breach of my banking credentials and having every stored set of credentials across my entire digital life exposed through a password vault breach.

If my banking details were compromised somehow, I at least have a bank I can work with and real people I can talk to. Both the bank and myself have a strong mutual interest in addressing the acute security issue. Government banking regulations come into play. Insurance comes into play.

If my password vault is compromised and credentials for every service and website are exposed, I would argue that is a far graver matter. And who do I turn to in that case? I have to imagine that any of these password management companies would just point to me being somehow negligent with my master key and tell me to pound sand.



