> Of course, there are still things that I need to remember my passwords for. For example, anything I connect to via a terminal I have to be able to remember the password for because you can't paste to a terminal (at least not that I know of, if you can then someone please tell me!)
I'm not sure what OS you use, but many terminal programs on Linux (and at least one on Windows) allow you to paste by right-clicking or middle-clicking. Or by pressing ctrl-shift-v, but I find that slightly awkward.
But you can see your password if you paste it into a non password field? So you really could know it if you wanted to. I still see the benefit I guess because of the reasons you mentions.
And potentially malware can watch the clipboard and "paste" things to L.Ron Hubbard knows where, it's not only your roomies that might be looking over your shoulder...
So... what happens when your database gets corrupted/your hard drive fails/laptop gets stolen? How are you going to connect to all of your everythings?
Alternatively, what happens when you want to transition away from KeepassX and to another, better, more advanced password manager? Or away from password managers all together?
There are so many meta-problems to deal with when using password managers, I think in the long run they might be more trouble than they're worth.
Not sure that matters too much? I can still identify myself through other means. For example if my online bank password is lost that's an inconvenience. If someone else gets it, that's a nightmare.
As aw3c2 points out, backups and export options can resolve two of the issues you cite.
As for "if your database gets stolen", that is covered by the encryption of the data and the login method: a password that you know (this one you would have to remember, obviously) and a key file (this may or may not (probably not) be counted as two-factor authentication, depending on how you manage the key file). The thief would not be able to open the database to find your credentials.
If the credentials store and the credentials required to access it are both compromised, so someone does have access to all the data stored within, then you have the problem of changing all those credentials before anyone malicious does something with them. With a backup of the database you have a convenient list of everything that needs to be changed so you don't forgot something important (though anyone else with access to the compromised data also has this list...).
While having a central key store creates its own problems if it itself is not secure, I think that little extra risk is small compared to the risk from other password management (using easy-to-remember things that are thus probably easy to guess, and/or even worse: using the same credentials for many uses). The risk of compromised password store is a local issue, so is something you can control (and hopefully mitigate) locally - no one can try brute force my keepass DB remotely unless they somehow get hold of a copy (which is possible I suppose, but not easy and would require them to be specifically looking for my credentials rather than a more general hacking attempt), but they could try brute force any of my many online accounts or just hack a poorly coded online application and read badly protected credentials.
Bad password managers (or good ones badly used) are a problem as you describe, but if used right a good credentials store with unique random long passwords for every service/account is (IMO) better than any other suggested solution I've come across.
Keepass is quite advanced and has exporting ability. I switched to it several years ago from PINs using export in half an hour. No problems with transition. Also lost quite a few harddrives and laptops during those years - no problems if you have a backup, and you always have because your passwords database is synced across all of your computers (or it does not make sense).
So, no, there are no problems using password managers. I don't understand how somebody can be NOT using one in this day and time, seems pretty crazy to use insecure or similar passwords.
There are so many meta-problems to deal with when using password managers, I think in the long run they might be more trouble than they're worth.
On a totally unrelated note, I think this abuse of the word 'meta' has gone to far and has to stop. Why are these 'meta' problems and not just problems?
The Keepass I remember was too much and too crowded for a simple need of password storing. I then switched to PasswordSafe and realized that it isn't compatible with Linux, so I went to PasswordGorilla. I have tried all types of simple methods but none defeats the simplicity and compatibility of Gorilla. You just need to keep your database file on dropbox or sugarsync or whatever you use to backup. The term "advance password manager" is an oxymoron, I think.
I've used PasswordSafe for about 7 years. From the beginning, the data file was stored in a VCS (first CVS, now SVN). Though my data file has never been (become?) corrupted, I have in SVN historical copies of all versions of the file that I've checked in (which is 95% of them). Also, since I use SVN to replicate this file (and many others) to PC's in different locations, I have fairly current backup should any PC become available. The only possible problem I can see is if I make changes on 2+ PC's w/o updating first (the binary data file is of course unmerge'able). This forces the habit of frequent updates and checkins; these are good habits IAC.
I've been using a similar scheme but without a database. Just a bcrypt hash of my password using the website/systems name as a salt, and then formatted according to an alphanumeric alphabet with symbols.
It also has support for sub passwords (such as "work/twitter") where it simply generates the "work" password and uses that to generate the twitter password. That way I can give the work password to anyone who needs it and they can get into twitter/etc, while not needing to remember it myself.
This is useful because I can upload the password generator to a website, along with keeping copies on my phone and pc.
I'd be interested in knowing the cryptographic security of this scheme, but I'd assume its pretty good.
This gets problematic when you encounter a site which dislikes your generated password. It just tells that the password is either too long or complex ("N chars max or can't contain '/' character"), or too short or simple ("must contain numbers", and this exact generated one didn't).
It almost goes without saying, but one of the biggest benefits in my opinion is that you get to have a different strong password for each set of credentials. Thus, god forbid, if some site you have an account with doesn't encrypt your password in their DB and gets hacked, you don't have to worry about changing all your other logins.
I think there should be a program like this that sync to mobile devices so you ddon't have to have your primary device with you to be able to use your accounts.
The people that run the sites you use could easily know your passwords. Even if they do store them hashed they may see them in POST debugging logs or something.
Before you use a password which is 9,999 in length, make sure the site you're providing this password is even compatible beyond 8 characters. There are password field boxes out there which would fool you by taking your long password until you realize later that they only took 8 to begin with.
run away from such sites as they obviously store your password in a database. there should be no difference which length is the password since database only stores constant length salted hash of it.
31 comments
[ 0.24 ms ] story [ 77.9 ms ] threadI'm not sure what OS you use, but many terminal programs on Linux (and at least one on Windows) allow you to paste by right-clicking or middle-clicking. Or by pressing ctrl-shift-v, but I find that slightly awkward.
Edit: Seems I overlooked this being mentioned above. Oops.
Alternatively, what happens when you want to transition away from KeepassX and to another, better, more advanced password manager? Or away from password managers all together?
There are so many meta-problems to deal with when using password managers, I think in the long run they might be more trouble than they're worth.
2) You can export a text file or a xml file easily.
As for "if your database gets stolen", that is covered by the encryption of the data and the login method: a password that you know (this one you would have to remember, obviously) and a key file (this may or may not (probably not) be counted as two-factor authentication, depending on how you manage the key file). The thief would not be able to open the database to find your credentials.
If the credentials store and the credentials required to access it are both compromised, so someone does have access to all the data stored within, then you have the problem of changing all those credentials before anyone malicious does something with them. With a backup of the database you have a convenient list of everything that needs to be changed so you don't forgot something important (though anyone else with access to the compromised data also has this list...).
While having a central key store creates its own problems if it itself is not secure, I think that little extra risk is small compared to the risk from other password management (using easy-to-remember things that are thus probably easy to guess, and/or even worse: using the same credentials for many uses). The risk of compromised password store is a local issue, so is something you can control (and hopefully mitigate) locally - no one can try brute force my keepass DB remotely unless they somehow get hold of a copy (which is possible I suppose, but not easy and would require them to be specifically looking for my credentials rather than a more general hacking attempt), but they could try brute force any of my many online accounts or just hack a poorly coded online application and read badly protected credentials.
Bad password managers (or good ones badly used) are a problem as you describe, but if used right a good credentials store with unique random long passwords for every service/account is (IMO) better than any other suggested solution I've come across.
So, no, there are no problems using password managers. I don't understand how somebody can be NOT using one in this day and time, seems pretty crazy to use insecure or similar passwords.
On a totally unrelated note, I think this abuse of the word 'meta' has gone to far and has to stop. Why are these 'meta' problems and not just problems?
It also has support for sub passwords (such as "work/twitter") where it simply generates the "work" password and uses that to generate the twitter password. That way I can give the work password to anyone who needs it and they can get into twitter/etc, while not needing to remember it myself.
This is useful because I can upload the password generator to a website, along with keeping copies on my phone and pc.
I'd be interested in knowing the cryptographic security of this scheme, but I'd assume its pretty good.
Handling such exceptions is somehow unpleasant.