1

How safe are password managers like LastPass?

One comment there asks:

Does anyone know of any Byzantine password systems? E.g. 3 or 5 online systems, where breaking any single system would not give the cracker all of your passwords. Ideally one might be LastPass, and the other 1Password - i.e. different companies - but even just multiple independent instances of the LastPass servers would provide some extra degree of security. // Possibly Byzantine for reliability as well as security.

That seems like a very interesting system. With lastpass and 1password protected by 2fa(Two-factor authentication), just knowing one won't divulge the other.

Does that actually make sense? Anyone tried that? Is this an actual system many people used?

I think one comment by @jak tells me what I mean

Maybe it means "n out of x" pieces would be needed to recover the full information, like 2-out-of-3 for key ABCDEF being split into ABCD, CDEF and EFAB

I want a system where the only way I lost access is if my computer and my head and my finger prints and my phone is gone suddenly. I want a system if I have 2 or 3 of them I can recover the rest. But a hacker need 2-3 of them. So a stable system that always give me an upper hand compared to hackers.

I do not think a hacker can easily get my computer and my password and my finger print. We're talking about James Bond kind of skill to get 3 factors. But I easily have that. If one day my fingers are gone, I still logged in from the same computer. So I have 3 factors again and insert a new finger print on file.

schroeder
  • 125,553
  • 55
  • 289
  • 326
user4234
  • 139
  • 8
  • I am thinking of using both 1password and lastpass. A user need to hack both to get my password. That sort of thing. Or perhaps I have 2-3 devices. A hacker need to hack 2 out of 3 to get something valuable. – user4234 Oct 09 '18 at 11:52

2 Answers2

3

There is no such thing as a "Byzantine password system". "Byzantine complexity" is a description of:

anything that is so overly and unnecessarily complex as to be beyond understanding.

So, all they are saying is to split up passwords across multiple systems.

Does that actually make sense? Anyone tried that? Is this an actual system many people used?

Yes. All the time, and in various different ways. In more general terms, it's called system redundancy. Like when servers are distributed across AWS as well as Azure. Also, data can be backed up on disks, RAID arrays, mirrored systems, and backup tapes all at the same time.

For passwords, many people do this in various ways. Some passwords are stored in password managers, others in the person's memory, some are written down. Some people store some passwords in their browser password manager and some in a 3rd party password manager.

You need to perform a risk analysis to determine what's going to work for you and what risks the extra complexity will create.

schroeder
  • 125,553
  • 55
  • 289
  • 326
  • I think the part mentioning redundancy might be missing the askers point, "multiple systems where breaking any single system would not give the cracker all of your password" sounds more like secret sharing https://en.m.wikipedia.org/wiki/Secret_sharing – J.A.K. Oct 09 '18 at 11:19
  • @J.A.K. the quote mentions "reliability", so I wanted to address that, too. – schroeder Oct 09 '18 at 11:33
  • I'm not sure how pure secret sharing can be accomplished using this approach – schroeder Oct 09 '18 at 11:35
  • Maybe it means "n out of x" pieces would be needed to recover the full information, like 2-out-of-3 for key ABCDEF being split into ABCD, CDEF and EFAB – J.A.K. Oct 09 '18 at 14:32
  • @J.A.K PRECISELY. I want a system where the only way I lost access is if my computer and my head and my finger prints and my phone is gone suddenly. I want a system if I have 2 or 3 of them I can recover the rest. But a hacker need 2-3 of them. So a stable system that always give me an upper hand compared to hackers – user4234 Oct 09 '18 at 18:35
  • Then you can split up a master password in the way I described, and store each behind the different access systems. The length of the unknown part for each is the extra security you have. E.g. splitting up a 30-character key into 0-20, 10-30 and 20-10 would give an attacker 10 characters to guess if he had one of the key parts and knew the scheme. – J.A.K. Oct 09 '18 at 23:48
2

Does that actually make sense? Anyone tried that? Is this an actual system many people used?

Yes it's possible. Essentially you'd just split a secret password using Shamir's Secret Sharing so that each manager only have one part of the key. The problem with this is that you'll need to use different passwords for each share, for this to be effective. The problem with this is that it's overly complicated and it's unclear if it'll be any more secure than the regular system.

In any case, the biggest avenue of attack of a password manager is by far on the client side, i.e. when the password is necessarily on the clear as it needs to be used, not on the server side where data is easily secured by a simple encryption. As far as I can tell, the has never been a major security incident where a server side vulnerability of the major encrypted password manager causes any actual password compromise. So this is a solution for a non problem to begin with.

Lie Ryan
  • 31,279
  • 6
  • 69
  • 93