Slashdot Mirror


Severe Vulnerabilities Uncovered In Popular Password Managers (zdnet.com)

chiefcrash shares a report from ZDNet: Independent Security Evaluators (ISE) published an assessment on Tuesday with the results of testing with several popular password managers, including LastPass and KeePass. The team said that each password management solution "failed to provide the security to safeguard a user's passwords as advertised" and "fundamental flaws" were found that "exposed the data they are designed to protect."

The vulnerabilities were found in software operating on Windows 10 systems. In one example, the master password which users need to use to access their cache of credentials was stored in PC RAM in a plaintext, readable format. ISE was able to extract these passwords and other login credentials from memory while the password manager in question was locked. It may be possible that malicious programs downloaded to the same machine by threat actors could do the same.
The report has summarized the main findings based on each password management solution. Here's what ISE had to say about LastPass and KeePass -- two of the most popular password managers available:

"LastPass obfuscates the master password while users are typing in the entry, and when the password manager enters an unlocked state, database entries are only decrypted into memory when there is user interaction. However, ISE reported that these entries persist in memory after the software enters a locked state. It was also possible for the researchers to extract the master password and interacted-with password entries due to a memory leak."

"KeePass scrubs the master password from memory and is not recoverable. However, errors in workflows permitted the researchers from extracting credential entries which have been interacted with. In the case of Windows APIs, sometimes, various memory buffers which contain decrypted entries may not be scrubbed correctly."

122 comments

  1. I enjoy memorizing passwords. by Anonymous Coward · · Score: 1

    Fuck lazy horse batteries.

  2. 2 Factor vaults by JaredOfEuropa · · Score: 1

    Are there any decent USB stick based password vaults? Something that stores credentials internally and manages decryption after entering the master password. You’d still need to take care that the master password or decrypted credentials don’t linger in memory, but I’d feel better having the master data offline instead of having everything floating around in the cloud.

    Even better would be an unlock pin (or fingerprint) to be entered on the USB stick itself.

    --
    If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    1. Re:2 Factor vaults by grep -v '.*' * · · Score: 3, Interesting

      Are there any decent USB stick based password vaults? Even better would be an unlock pin (or fingerprint) to be entered on the USB stick itself.

      Great! Then all I'd need is your USB password stick and your finger. The rest of you and your computer can stay behind. I'd rather have the XKCD wrench, thank you.

      --
      If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
    2. Re:2 Factor vaults by Anonymous Coward · · Score: 1

      Neither of those solutions is air gapped.

      That is the problem with software based password managers. If you use them on a compromised system you give up all your passwords.

      There aren't many clever solutions out there that are better than a post-it next to the computer.
      If you want to get fancy you can have a notebook with your passwords written in an obfuscated form without complete information as to what they are for.

    3. Re:2 Factor vaults by plazman30 · · Score: 4, Insightful

      I was thinking the same thing. You have hardware level access to a PC to the point where you can read RAM in order to get someone's master password from their password manager? Why would you bother? Just install a keylogger instead and you can have all sorts of fun.

    4. Re: 2 Factor vaults by Anonymous Coward · · Score: 0

      How does any of that prevent a privileged process or a process in your user space from accessing the code and data of the password manager? The "cloud" is far worse, of course. At least a local system is physically under your control.

    5. Re: 2 Factor vaults by JaredOfEuropa · · Score: 1

      They can't get the code if you enter it on the USB device itself. But even if the PIN is entered in the browser plugin for the device, you'd still want a physical button on the stick for each password retrieval. In that case, even if they manage to get your PIN and compromise the browser plugin so they can issue password retrieval requests remotely, they still won't be able to push that button and approve such requests. They get a couple of passwords at best, not the whole file and the master key.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    6. Re:2 Factor vaults by ilsaloving · · Score: 1

      Having it stored on USB wouldn't solve anything because the problems described in the article refer to passwords sitting in plain text in memory while the password manager process is running.

      Running a password manager from a USB key wouldn't solve that. At least, not directly. Quitting the application and giving the OS time to overwrite the used memory with new data would be a workaround to the problem regardless of where your vault is physically stored.

      The only way to mitigate the problem completely is to not use a vault at all, and instead rely on OTP (One Time Password) and RSA token devices. Yubikey, for example, is an excellent option for such a thing, because it acts like a keyboard and inputs the token for you when you hit the button.

      But of course, then you get into the "something you have" realm of security risks. Nothing is perfect.

    7. Re:2 Factor vaults by Anubis IV · · Score: 2

      To be fair, there may be forensic value in what they’re doing, such as if the PC has been confiscated as evidence and the user won’t be returning to unlock it anytime soon. Being able to unlock the vault without the need for a keylogger could be a major victory in that situation.

    8. Re:2 Factor vaults by TVmisGuided · · Score: 1

      KeePass on a USB stick, in conjunction with a YubiKey and HOTP configuration, gives you two of the three security factors in just two USB slots. An attacker would need the master password AND both devices to gain access to your password database, and they'd have to know how you have your YubiKey configured to generate HOTPs. A preset number of failed YubiKey triggering attempts, and the database is locked. And good luck guessing the hash that generates the HOTPs. Doubly so since YubiKey configurations can't be read from the device, only written to the device. (Disclaimer: I don't work for Yubico or sell their devices. I'm just a satisfied user who's rather low on the corporate ladder.)

      IMO, for the average corporate-level user, it's as good as it's going to get unless you want to delve into the expensive world of biometric authentication to gain the third security factor. And that opens up an entirely new can of worms, which will follow Zymurgy's Law of Evolving Thermodynamics.

      Just my 2p worth. Save up the change for a root beer or something.

      --
      All the world's an analog stage, and digital circuits play only bit parts.
    9. Re:2 Factor vaults by ctilsie242 · · Score: 1

      IronKeys used to have this feature, but not sure what has happened to them since they were bought out, or which models still have this around.

    10. Re:2 Factor vaults by 93 Escort Wagon · · Score: 1

      I was thinking the same thing. You have hardware level access to a PC to the point where you can read RAM in order to get someone's master password from their password manager? Why would you bother? Just install a keylogger instead and you can have all sorts of fun.

      I recall that, a few years ago, the encrypted OS X keychain was shown to have similar vulnerabilities as are being described here. Mac users who said more or less the same thing you did now were not always treated kindly on this forum.

      To be fair, there are probably cases where this sort of vulnerability might turn out to be useful - nation-state level espionage for instance. Most of us probably don’t live or work in that realm, though.

      --
      #DeleteChrome
    11. Re: 2 Factor vaults by houghi · · Score: 1

      The keylogger potentially does not show any passwords.

      --
      Don't fight for your country, if your country does not fight for you.
    12. Re:2 Factor vaults by Anonymous Coward · · Score: 0

      I use UNIX pass, with the encryption and decryption done on a smart card. I only give up the passwords that I actually use on a compromised system, rather than all of them. Not perfect, but better.

    13. Re:2 Factor vaults by pnutjam · · Score: 1

      This is exactly what Keepass is designed to support. There is a portable version you can keep on your usb stick.

    14. Re:2 Factor vaults by Anonymous Coward · · Score: 0

      Yeah, people advocating for fingerprints really don't think the implications through.
      And even if you think you live in a country where this doesn't happen (think again...), they can just force your finger onto the device and you can't fake it like you can fake a password or pin (in order to open a harmless decoy).

    15. Re:2 Factor vaults by Anonymous Coward · · Score: 0

      Keepass:

      https://keepass.info/features.html#lnkport

      Admittedly, you are just running the software from the USB, rather than keeping the security on board (which would be better).

      Honestly, most of these vulnerabilities require about as much access as a keylogger, so... yeah, not a big deal. Until web-sites start going with challenge response rather than username/password, you are in trouble either way.

    16. Re:2 Factor vaults by Anonymous Coward · · Score: 0

      To be fair, there may be forensic value in what they’re doing, such as if the PC has been confiscated as evidence and the user won’t be returning to unlock it anytime soon. Being able to unlock the vault without the need for a keylogger could be a major victory in that situation.

      The problem with your theory is that you need the user to unlock the keyvault. A keylogger can catch the password to the vault as easily as memory access can, unless the vault password is entered externally to the machine (eg: on a keypad that's on the key vault, not on the computer), but in such a case memory access gets you nothing, too.

    17. Re:2 Factor vaults by Anubis IV · · Score: 1

      The problem with your theory is that you need the user to unlock the keyvault.

      While that's true for the sort of malware described in the summary, that's hardly the only way to approach the issue. After all, if the problem is that confidential data is being persisted in memory when it shouldn't be, there's nothing stopping a forensic investigator from dumping the contents of memory after the fact to exploit these weaknesses, hence my suggestion.

      But I do agree that if you're installing malware on their system and expect them to use it again after you do, you'd be better off with a keylogger.

    18. Re: 2 Factor vaults by Anonymous Coward · · Score: 0

      I meant code and data, as in executable code, not passcodes. If reading privilege data requires pushing a button, then all a process has to do is observe the data accessed by the critical code path, perhaps with manipulation of code, perhaps not.

    19. Re:2 Factor vaults by DethLok · · Score: 1

      Needs a mod for "terrifying"...

  3. 'severe' by Njovich · · Score: 4, Insightful

    So security researchers are scraping the bottom of the barrel to such an extent that having access to program data when you have total control over a computer's memory is a severe vulnerability now?

    1. Re:'severe' by OffTheLip · · Score: 5, Insightful

      Users of this "vulnerability" are most likely state actors/law enforcement agencies, and 3 letter organizations. They have your computer, they need your password protected data.

    2. Re:'severe' by Anonymous Coward · · Score: 0

      Slashdot is just another clickbait site nowadays. It's really sad.

    3. Re:'severe' by flirek · · Score: 1

      Main memory of today's computers cannot be considered "private" & "secure" enough, as Intel IME and similar garbage can directly read from it. The assumption that you have total control of memory is false.

    4. Re: 'severe' by Anonymous Coward · · Score: 0

      This comment brought to you by Panasonic: Sustainable Energy redefined.

    5. Re:'severe' by Anonymous Coward · · Score: 0

      So security researchers are scraping the bottom of the barrel to such an extent that having access to program data when you have total control over a computer's memory is a severe vulnerability now?

      Yes, and some of the findings were already documented on the suppliers' sites.

    6. Re: 'severe' by Anonymous Coward · · Score: 0

      The point is you have more to lose if you use insecure password managers when your computer is compromised.

    7. Re:'severe' by AmiMoJo · · Score: 5, Insightful

      Keepass is basically as good as it can ever possibly be. The "vulnerability" they found relates to the fact that when it displays entries on screen Windows will make copies of some of the data to create the GUI, and there is no effective way to scrub that.

      Which is basically irrelevant because 99% of the time the user is going to use that information on the same machine anyway, i.e. they will copy/paste it into a browser or encryption app. So the attacker needs to have control of the machine in order to read process memory, and even if somehow Keepass blocked them they could likely just recover it from keystrokes, the clipboard or the app it's being used in.

      The main risk is that the app crashes and the secret data can be recovered from the crash dump, but Keepass prevents that happening. Unfortunately they don't seem to have tested that attack.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    8. Re:'severe' by GrandCow · · Score: 1

      The weak link is always the human.

      If you're determined enough as a 3-letter agency to get in, then you can also disappear the person. Beat them enough and they'll give up the password. That beating can be either physically beating, or mental by doing things to family, friends, bank accounts, etc.

      --
      "Well kids, you tried your best, and you failed. The lesson is, never try." -Homer Simpson
    9. Re:'severe' by Jeppe Salvesen · · Score: 1

      Or whoever established a foothold on a computer and is looking to expand their territory. Let's say they got something running from a drive-by infection. They can now proceed to access social media, buy stuff with the owner's money using amazon 1-click and so forth. Maybe even find the owner's actual comments on Pornhub in order to make the extortion mails more believable. Industrial espionage. Basically, these vulnerabilities can result in monetary gain for the attacker so it'll attract some proper talent.

      "Severe" is possibly overstating it, but we should't downplay this too much either.

      --
      Stop the brainwash

    10. Re:'severe' by Anonymous Coward · · Score: 0

      My password manager has the option to reveal the password char by char, which is also the most sane way to input a complex random password. It also uses a dedicated keyboard for input, rather than the system default, which in many cases collects the user input for various reasons, and it can also randomize the layout just in case.

    11. Re:'severe' by cjeze · · Score: 1

      Uh, it is absolutely not the bottom of the barrel. Most exploits work from inside the computer; if there are proven tools that can extract passwords and passphrases from memory it is just a matter of time before they can take over your whole life. If not fixed quickly, exploits are going to pop up in the wild in 3..2..1..

    12. Re:'severe' by msauve · · Score: 2

      Whoosh.

      If a bad actor has control over a computer, they can simply use a keylogger. Way easier, and way less data to weed through.

      WARNING! SECURITY ALERT! If someone has control of your computer, they have control of your computer.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    13. Re:'severe' by scdeimos · · Score: 2

      Is it bottom of the barrel? I think it's healthy to stop and think about how password managers get used. If it makes you reconsider keeping your password manager open and unlocked all day every day, as opposed to only when you need it, this is a benefit. I'd never considered the implications of the Show/Hide Asterisks feature in KeePass, for example.

      It's also important to remember: an attacker might have access to the memory of your computer, in which case you've lost the battle for your computer, but if they can also score all your usernames and passwords as well, that really does give them the keys to the kingdom.

    14. Re:'severe' by l0n3s0m3phr34k · · Score: 1

      Yes, this is NOT a real vulnerability. Neither CVE nor NIST shows anything for Keepass 2.41; until something shows up there it's "unsubstantiated", aka like an "unpublished peer review".

    15. Re:'severe' by Anonymous Coward · · Score: 0

      A state actor can access any PC. There are thousands of different ways of compromising endpoint security. Modern operating systems offer almost no endpoint security at all.

    16. Re:'severe' by Cmdln Daco · · Score: 2

      Translation: None of us should fret about this hyped up topic. Unless we are actors on the level where a government agency is going to come after us.

      And no, few if any people on Slashdot meet that criterion. No matter how much we herp and derp about it.

    17. Re: 'severe' by Anonymous Coward · · Score: 0

      im in ur base killin ur doodZ

    18. Re:'severe' by Anonymous Coward · · Score: 3, Insightful

      Is it bottom of the barrel? I think it's healthy to stop and think about how password managers get used. ...
      but if they can also score all your usernames and passwords as well, that really does give them the keys to the kingdom.

      I'd say yes, at least with their keepass results, this is bottom of the barrel.

      They say this is a vulnerability in keepass, yet the only place in ram they found plaintext keys was from the windows API.
      That sounds to me like a windows problem and not a keepass problem.

      All passwords are going to be used to authenticate to something. If you can only get at the plaintext key after it is handed off to that something, it does seem like a huge stretch to blame the password manager for it.

      Or put another way, if you remove keepass 100% from the equation, these researchers could use the exact same exploit they did to get the password you typed into a windows dialog box right from the windows API that created that dialog.

      If their exploit works when typing in a password you memorized in exactly the same way it works when getting the password from keepass, as the case seems to be, it simply can't be a keepass vulnerability.

      Clearly the exploit being in Windows makes it a lot worse than if it was just in the client/program you are authenticating with. Windows API will be involved with all of the passwords you use, while the client software only for what it does.

      IE if you can intercept a password sent to chrome/firefox, you can get all web passwords, but your SSH client may be secure. With the problem being the windows api, both of those are equally vulnerable.

      But all of those cases are long after keepass did its job, so I don't see how this is the fault of keepass like they claim.

      Also entering the password by hand into a dialog will cause it to be kept in the windows API ram just the same, and I don't see why this is a keepass fault like they claim, especially for all the situations where people don't use/have/know-of keepass and have never once used it!
      Yet it is the same exploit.

      Grandma runs a program and types "12345" - never once heard of keepass, just types it - and according to these researchers the very fact they can find "12345" in ram left behind by a windows dialog box is somehow the fault of keepass. Again, the fault of a program not used or involved in that example!

      That's why this is bottom of the barrel.

      Note I'm not saying such verification and testing shouldn't be done. It absolutely should be, over and over, by as many people as possible. We don't want to miss anything.
      I just feel the results should be labeled as what they are.

    19. Re:'severe' by Njovich · · Score: 4, Interesting

      If you suspect the CIA/NSA is really after you I wouldn't recommend you to use Lastpass, or Windows. In fact your options are pretty limited and I would highly recommend to not get into that situation in the first place.

    20. Re:'severe' by AmiMoJo · · Score: 1

      For most people the threat model they should be concerned with is password reuse and weak passwords. A password manager, even a flawed one, can fix both of those.

      The convenience vs. security trade-off of not having to keep unlocking the password manager is worth it for most people, because the alternative is realistically going to be using "passw0rd" for everything. In fact I recommend people have their browser remember their passwords.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    21. Re:'severe' by drinkypoo · · Score: 1

      That was a cool comment until the part where you hit submit before telling us which one it is.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    22. Re:'severe' by Anonymous Coward · · Score: 1

      Keepass has the feature he mentioned, called auto-type. You can initiate it either from KeePass, where it will minimize the keepass window and start typing in whatever window was underneath, or you can configure a global hotkey, which will make keepass run a search based on window title for the relevant password entry.

    23. Re: 'severe' by Anonymous Coward · · Score: 0

      Agreed, haha.

    24. Re:'severe' by Anonymous Coward · · Score: 0

      The goal wasn't self promotion but to share a bit of functionality others might consider adopting to improve on their products.

      BTW even my manager doesn't really take measures to protect in such a severe case of compromised system that would allow an attacker to examine the ram content, if that is even possible..

    25. Re:'severe' by Anonymous Coward · · Score: 0

      Yeah, because everybody follows the law, right?

    26. Re:'severe' by Anonymous Coward · · Score: 0

      Um, no. The browser is the most leaky thing I could think of, it *voluntarily* gives up loads of fingerprintable information about itself to the point of accurately identifying a person who hasn't attempted to mitigate the leaky info. Browser security exploits are common as dirt.

      How far do you trust the people who write in-browser password lockers? It might be a security risk too if the add-on devs aren't careful with isolating your database from the rest of the browser's or OS's cache, who knows?

    27. Re:'severe' by Zehsi · · Score: 1

      Your assumption that every computer has an Intel CPU is also false.

    28. Re:'severe' by Anonymous Coward · · Score: 0

      Last month the EU started sponsoring a bug bounty for KeePass. Then this "severe" bug is found the next month. Coincidence?

    29. Re:'severe' by Anonymous Coward · · Score: 0

      You must be very young to not know how vulnerability disclosure works. Not everything is in those databases. There was a time before they existed at all in fact.

      And most damning of all: attackers don't give a flying fuck about your formalities. If the knowledge is out there, it will be tried out live on whatever system they can.

    30. Re: 'severe' by Anonymous Coward · · Score: 0

      That article is beyond insane. First off, we do regularly commit felonies but those examples are ridiculous and very specific, almost like they were tailored to an individual.

      First it's stating you do these twice a day, let's take a look.

      1) The appropriate action to finding a single bud of marijuana that your sister is smoking only applies if you have a sister, but it's to smoke it, not to flush it.

      2) This one is the most plausible, but I've never received an odd package personally.

      3) In the example it says the law was amended already.

      4) I know a lot of people with motorcycles. Who rides them around in the woods? That defeats the purpose.

      5) I'm not a journalist who receives info from Edward Snowden.

      6) I don't quit my job regularly, nor do I email people regularly about it. Also, my friends and family don't use "protected" computers for the company I would quit from.

      7) I've literally never even met a park ranger, and I was in boy scouts and hike all the time.

      8) Anyone creating a website for a religious organization of any kind is just getting that "karma" or "gods wrath" they so fervently believe in.

      I seriously think this article was made by looking at one of the journalists' lives that published info from a security contractor and attempted to attack them directly.

    31. Re:'severe' by strikethree · · Score: 1

      If you suspect the CIA/NSA is really after you I wouldn't recommend you to use Lastpass, or Windows.

      Or any modern CPU. That "management" feature that you can't disable? Yeah, that is a back door. Even worse, I know for a fact the Intel CPUs were being built with 3G chipsets inside of them, so even being "offline" isn't good enough. The entire computing environment needs to be TEMPEST shielded, as in Enemy of the State.

      I assume they have upgraded from 3G in their CPUs. You simply can not trust any modern technology if the CIA/NSA is after you.

      It should also be noted that it is not technically difficult to build an EM sensor that can capture the weakest of EM radiations up to about 50 feet away. Without TEMPEST, they can read the data travelling on the CPU bus from 50 feet away.

      --
      "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
    32. Re:'severe' by sexconker · · Score: 2

      KeePass also has a feature that obfuscates autotyping. TCATO I believe, for two-channel auto type obfuscation.
      It just doesn't type your password, it types characters, moves the cursor around, types others, pastes certain bits, etc.

      It'll fool the common sniffer software, but anyone with a full dump (including what was copied and pasted - most software keyloggers don't do that, and in-line hardware keyloggers can't do that) can of course replay it to get the password.

  4. Are these really that severe? by Anonymous Coward · · Score: 0

    If malicious software can access the RAM, my computer is already compromised.
    If my computer is compromised, it's much easier to steal the passwords when I'm saving them on the clipboard and pasting them on a website. Or having the keys logged when I'm typing the master password.

    1. Re: Are these really that severe? by Anonymous Coward · · Score: 0

      Certainly the Windows 10 one requires the malicious process to have admin rights and pick the passwords out while KeePass is still running. New processes only get allocated memory that was scrubbed by the OS.

    2. Re:Are these really that severe? by Anonymous Coward · · Score: 0

      If malicious software can access the RAM, my computer is already compromised.

      But is the compromise retrospective? If someone breaks into my office and I have time to hit the "Lock" button on the password manager before they grab me, will they be able to extract anything from the computer?

    3. Re:Are these really that severe? by Anonymous Coward · · Score: 0

      It doesn't matter. This is where the $3 wrench comes into play. When they start beating you with it, you can then make the determination whether or not to give them your master password. If you acquiesce, they might beat your head in. If you refuse, they might beat your head in.

    4. Re:Are these really that severe? by Anonymous Coward · · Score: 0

      If malicious software can access the RAM, my computer is already compromised.

      But is the compromise retrospective? If someone breaks into my office and I have time to hit the "Lock" button on the password manager before they grab me, will they be able to extract anything from the computer?

      ghacks points out that Keepass can be set to lock its workspace after a period of time of inactivity in the program, or inactivity from the global user, and that the program can be set to exit instead of locking.

    5. Re:Are these really that severe? by Smidge204 · · Score: 1

      While true, that also means that it would have to wait until you actually copy/type the password in order to steal it, and there is still the task of identifying the password out of all the other data you copy or words you type throughout the day.

      Or, since you have access to the RAM, just snag it from the password manager whenever the process appears. Then you get all the passwords at once, along with usernames or other important info, and you don't have to sift through junk data to find them.
      =Smidge=

    6. Re: Are these really that severe? by Anonymous Coward · · Score: 0

      Getting your head beat in to death from a robber is a feature, not a bug.

      Do you really want to survive a violently traumatic physically crippling attack like that?

      When the wrench gets pulled out, the only security and dignity safe thing to do is accept that you've been murdered.

    7. Re: Are these really that severe? by Anonymous Coward · · Score: 0

      The article itself acknowledges that the passwords in the vault aren't stored unencrypted in RAM by either of the tested password managers.

  5. Re: I enjoy mamorizing pusswords. by Anonymous Coward · · Score: 0

    Twat did you say? I cunt hear you!

  6. old and crusty is good by Anonymous Coward · · Score: 0

    Your Password Safe should be the oldest and least feature ridden software on your computer, old and crusty is good. Forget all of the fancy cloud-auto-fill-automate-everything. Like they say: KISS

    1. Re:old and crusty is good by Anonymous Coward · · Score: 0

      I have had my Password safe database about 15 years now and it has outlasted many computers it was installed on. No need to get any silly cloud shares or other security holes. Just backup the database file and enjoy secure, randomly created and absolutely long enough passwords which are unique for each site.

  7. Not sure by Artem S. Tashkinov · · Score: 3, Interesting

    If I understand these two "vulnerabilities" properly, they require a piece of software installed/running locally which will steal/grab these passwords from RAM. However no normal/legitimate software will ever steal your passwords or access the RAM regions of other applications, which means this software is in essence malware, which means you're already completely fucked and this software may just steal your master passwords, retrieve all files, etc. etc. etc.

    1. Re:Not sure by mentil · · Score: 1

      This could be relevant to memory-access attacks, like escaping from VMs, Docker containers etc.
      It seems unlikely a server would be running a password manager app though.

      --
      Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
    2. Re:Not sure by Zocalo · · Score: 2

      There are varying degrees of "completely fucked", but yes, if you are being successfully attacked using this method then you are already in a pretty bad place, although it's possible that a lucky attacker might obtain enough info to pivot the attack onto an entirely separate system you happen to have a password for. Going from one PC being compromised to your entire network being compromised is definitely a step up in the level of "completely fucked".

      Of course, if the malware has already been able to intercept the master password to your password DB, then they'll likely have sent the DB file and the password back to a C&C server anyway, so it's very much game over at that point.

      --
      UNIX? They're not even circumcised! Savages!
    3. Re:Not sure by Zocalo · · Score: 1

      It seems unlikely a server would be running a password manager app though.

      No, but it's much more likely that a compromised PC with a password manager installed might be used to remotely log into that server and provide the attacker with a means to obtain the server's password. This provides another avenue of attack to obtain a server password, albeit perhaps not the easiest one to get the same results, but the more attack vectors there are the more likely it is that one will succeed, and it only takes one...

      --
      UNIX? They're not even circumcised! Savages!
    4. Re:Not sure by Sique · · Score: 2

      It's not unlikely. Actually, it's quite often used.

      Imagine an IT shop working remotely on diverse customer sites. There are dozens of technicians, and literally hundreds of passwords. One way to manage the password hell would be to assign a password safe to each customer, installed at the customer site on the server you use as central remote access. So your technician tasked with a job there would look up the password safe master key for that customer, and then remotely access the server there, to find the passwords necessary to access all the other systems your IT shop manages.

      --
      .sig: Sique *sigh*
    5. Re:Not sure by Kokuyo · · Score: 1

      I'd even go as far as to say that a relatively sophisticated keylogger is probably much easier to code and just as effective.

    6. Re:Not sure by drinkypoo · · Score: 1

      This is why Meltdown is important. There have historically been lots of ways to sneak code onto users' computers. We like to think protected memory will, uh, protect us. But since it won't, these things are important.

      Rendering passwords without using the system font libraries (or GUI text widgets) solves the problem of being able to grab the data from the OS. There have long been password deobfuscation tools; my favorite used to be snadboy's revelation, but I don't think that works any more. Helped me a lot back in the XP days, though. But being able to read another process' supposedly protected memory is a whole other level.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  8. Use The Best Password by mentil · · Score: 1

    That's why I always use a yuge password: 1234abcd. It's a very good password. The best password, really.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
    1. Re:Use The Best Password by kbg · · Score: 5, Funny

      That's amazing! I've got the same combination on my luggage!

    2. Re:Use The Best Password by complete+loony · · Score: 1

      Summer2017 was a good time for password cracking.

      --
      09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
    3. Re:Use The Best Password by Anonymous Coward · · Score: 0

      Order the attack!!

      and change the combination on my luggage!

    4. Re:Use The Best Password by 93+Escort+Wagon · · Score: 1

      You should switch it to something like “hunter2”.

      --
      #DeleteChrome
  9. Smart cards & class 3 readers are built for th by Anonymous Coward · · Score: 0

    Like with FinTS.

    You have a smart card that is its own computer, and a physically secured reader that lets you tell if it has been tampered with, with its own screen and keypad.
    The card has a secure channel to the bank that not the computer and not even the reader can access (only forward), and a channel to the reader.

    The reader accepts an action (like a money transfer) request from the PC, displays the amount and recipient of the money, and lets you input a PIN. Then the card uses the internal key and the PIN instead of a TAN, to communicate with the bank over the secure channel, authenticate itself and order the action. All the reader and PC can do at this point is block communication. In which case no action is happening. They cannot communicate such matters with the bank themselves at all!

    But all those things are of course pointless, if the manufacturer of the card, (maybe the reader), the bank servers, the CA, or the confines of your own home and PC aren't checked for trustworthiness by yourself.

    Remember
    1. there are dopant-level hardware trojans now, and
    2. there is always the $3 wrench.

    Yeah, you can destroy the card with a dead man's switch by not triggering a refresh when being captured, or destroy it manually, ... but you're still gonna die from blunt wrench trauma. It's how my grandpa actually died. (Except it was an axe.)
    And yeah you can make your own CPU. I did. But it won't be of much use, unless you can build your own chip making machines from scratch at a secured secret location.

    Sooo... That's why pros make a threat assessment. See who, not what, has interests in such a thing, and what power they actually have over you.
    You e.g. cannot solve an evil government with technology. It's the goons actually following the evil leader that are the real physical threat. Without them, even the worst evil overlord is a joke.

  10. Breaking news! by Anonymous Coward · · Score: 0

    "Breaking news - software reads data from memory"

  11. Re: I enjoy mesmorizing pastwords. by Anonymous Coward · · Score: 0

    This just in, you either earn the label of being secure or you regret the day you ever suggested it.

    To absolutely no one's shocked surprise, secure password managers aren't secure because caching echoes....

  12. Re:Frist by Anonymous Coward · · Score: 0

    Alan?

  13. Re:Smart cards & class 3 readers are built for by Anonymous Coward · · Score: 0

    Remember
    1. there are dopant-level hardware trojans now, and
    2. there is always the $3 wrench.

    I'm not that worried about the wrench. It only comes into play in a targeted attack against me.
    What I am more worried about are large scale fishing expeditions where I'm just one victim among many.

    I do not trust my computer so any password management system has to be air gapped.

  14. Not what password managers are designed for by Anonymous Coward · · Score: 0

    If your computer already has malicious software running on it, you're already screwed.

    There is no way a password manager can protect against that. The malware could simply put up a screen looking like the master-unlock screen and wait for the user to type the password in. It could be pixel-for-pixel the same, so there would be no way to know.

  15. passwords.txt by Anonymous Coward · · Score: 0

    This is why I just keep passwords in a text file on disk. With full disk encryption enabled they're even safe! (as long as the computer is off of course)

    1. Re:passwords.txt by Opportunist · · Score: 1

      As long as the computer is off, it's also pretty secure in Lastpass and Keepass.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  16. My personal password manager (Emacs+GNUPG) by Anonymous Coward · · Score: 0

    A simple org-mode (i.e. text) file encrypted with GNUPG... I'm confident enough in garbage collection, while there is no RAM "scrub".
    Apart from that, ladies and gentlemen, consider one thing: your (and so my) CPU has tons of crappy code we do not know; even worse, our motherboards contain a shitload of crap we do not know... I bet those are a FAR bigger threat than any FOSS password manager.

    Also having tons of different services (online, or on someone else's computer normally) is a threat by itself. Ask yourself if you really need such an enormous mass of accounts, or if only a few are enough and so you can manage your passwords in your mind.

    Sorry for my English.

    1. Re: My personal password manager (Emacs+GNUPG) by Anonymous Coward · · Score: 0

      Sounds like you reimplemented UNIX pass (also known as password-store).

  17. that's why I keep my passwords! by danbuter · · Score: 1

    That's why I keep my passwords on a sticky note on my monitor! Never trust the cloud!

    1. Re:that's why I keep my passwords! by Anonymous Coward · · Score: 0

      This is legitimately good advice for most people.

  18. Say what? by Anonymous Coward · · Score: 0

    "However, errors in workflows permitted the researchers from extracting credential entries which have been interacted with."

    The sentence above is from the last para of the post. "permitted the researchers from extracting." Permitted from? Huh?

  19. Keylogger would be easier by Anonymous Coward · · Score: 0

    Every one of these "severe" vulnerabilities requires admin privileges. Why would I go digging through scraps of RAM to find a password when I could just access the keyboard buffer?

    1. Re:Keylogger would be easier by bobbutts · · Score: 1

      The user is usually copying and pasting in the case of using a password manager, so the keyboard buffer will not have what you are looking for.

  20. Say what? by Anonymous Coward · · Score: 0

    "However, errors in workflows permitted the researchers from extracting credential entries which have been interacted with."

  21. DMA Attacks! by Anonymous Coward · · Score: 0

    You don't need root/administrator, attacker can do DMA attacks via Expresscard, Firewire etc.

  22. Other ways to display data by Comboman · · Score: 1

    Keepass is basically as good as it can ever possibly be. The "vulnerability" they found relates to the fact that when it displays entries on screen Windows will make copies of some of the data to create the GUI, and there is no effective way to scrub that.

    Are you kidding? That's easy, don't use system fonts to display the password on-screen. It takes a bit of effort to create letters from graphic elements like lines and semi-circles but it's much safer (/-\ = A, etc). You could even randomize the angles and lengths of the line segments slightly (like a captcha) to prevent automated pattern recognition.

    --
    Support Right To Repair Legislation.
    1. Re:Other ways to display data by drakaan · · Score: 5, Insightful

      Well, yes, but since you're most likely going to be doing a copy/paste out of the field with the password in it, that vulnerability is going to be eclipsed by the vulnerability of being able to grab what's in the clipboard. KeePass already doesn't show you the password by default when you open an entry. You have to click the little "show password" button. They could have easily made the password display as a bitmap image instead of text, but I'm assuming they didn't for the same reason I just mentioned. I mean, you can make it not ever display text, but instead read the password aloud, but each of the mitigations mentioned are just going to make people not use that password manager because it becomes inconvenient. Ultimately, if you don't just have all of your passwords memorized, you are vulnerable to some sort of attack that doesn't involve the wrench technique.

      --
      "Murphy was an optimist" - O'Toole's commentary on Murphy's Law
    2. Re:Other ways to display data by 93+Escort+Wagon · · Score: 1

      Well, yes, but since you're most likely going to be doing a copy/paste out of the field with the password in it, that vulnerability is going to be eclipsed by the vulnerability of being able to grab what's in the clipboard.

      By default, the Mac port “MacPass” removes a copied password from memory after a length of time (either 15 or 30 seconds, I believe). I assume they adopted this behavior from KeePass proper, but don’t know that first hand.

      --
      #DeleteChrome
    3. Re: Other ways to display data by Anonymous Coward · · Score: 0

      Not quite. MacPass removes the password from the clipboard after 10 seconds, but does not remove the password from memory. Big difference, and basically the entire point of the friendly article.

    4. Re:Other ways to display data by Anonymous Coward · · Score: 0

      Yes, Keepass has this feature, but it is irrelevant if the machine is owned and there is a clipboard logger recording anything that lands in the clipboard.

      This is why Keepass has auto-entry that will put a password in as a series of keystrokes (including backspace) and copy/pastes so that a keylogger/clipboard logger would need to work a little extra hard, though they admit this isn't much of a burden.

    5. Re:Other ways to display data by sexconker · · Score: 1

      And the chunk of memory showing how to draw those things will possibly be copied out by Windows.

      The OS has full control over memory. KeePass cannot fix this. There is nothing to fix. If your box is pwned you lose regardless.

  23. But we are still safe on by AHuxley · · Score: 1

    Apple? That's all good, right? And Linux? All good?

    --
    Domestic spying is now "Benign Information Gathering"
  24. Pass-the-hash by Anonymous Coward · · Score: 0

    Once someone has logged into a website you could also grab their cookies from memory or their NTLM hash or ... without the need of the actual password.

    CVSS v3 Vector
    AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N

    CVSS Base Score:
    1.8

    Not a severe issue especially since low-hanging fruit is attempted by the password managers. Perhaps they will add more extensive methods, but each OS version will require custom API specific code for each scenario.

    Media over-hyped.
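    The post above gives a CVSS v3 vector and a base score of 1.8 without showing the arithmetic. As an added example that is not part of the thread, here is a small C calculator implementing the CVSS v3.1 base-score equations (metric weights, the Impact/Exploitability sub-scores and the "Roundup" rule from the FIRST specification) so the number can be checked. It handles base metrics only, skips an optional "CVSS:3.x/" prefix, and returns -1.0 for a malformed vector; the second vector in the test is the familiar network/unauthenticated/full-impact case used as a sanity check.

```c
#include <stdio.h>
#include <string.h>

/* Base-metric letters parsed from a vector such as
 * "AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N". */
typedef struct {
    char av, ac, pr, ui, s, c, i, a;
} cvss_metrics;

/* Parse into `m`; returns 0 on success, -1 if a metric is missing or malformed. */
int cvss31_parse(const char *vector, cvss_metrics *m)
{
    char buf[128];
    if (strlen(vector) >= sizeof buf)
        return -1;
    strcpy(buf, vector);
    memset(m, 0, sizeof *m);
    for (char *tok = strtok(buf, "/"); tok != NULL; tok = strtok(NULL, "/")) {
        if (strncmp(tok, "CVSS:", 5) == 0)
            continue;                      /* version prefix, e.g. CVSS:3.1 */
        char *colon = strchr(tok, ':');
        if (colon == NULL || strlen(colon) != 2)
            return -1;                     /* expect exactly "XX:Y" */
        char v = colon[1];
        *colon = '\0';
        if (!strcmp(tok, "AV"))      m->av = v;
        else if (!strcmp(tok, "AC")) m->ac = v;
        else if (!strcmp(tok, "PR")) m->pr = v;
        else if (!strcmp(tok, "UI")) m->ui = v;
        else if (!strcmp(tok, "S"))  m->s = v;
        else if (!strcmp(tok, "C"))  m->c = v;
        else if (!strcmp(tok, "I"))  m->i = v;
        else if (!strcmp(tok, "A"))  m->a = v;
        else return -1;
    }
    if (!m->av || !m->ac || !m->pr || !m->ui || !m->s || !m->c || !m->i || !m->a)
        return -1;
    return 0;
}

/* CVSS v3.1 "Roundup": smallest one-decimal value >= x, done in integer
 * arithmetic as the spec prescribes so 1.745 becomes 1.8, not 1.7. */
static double roundup(double x)
{
    long long n = (long long)(x * 100000.0 + 0.5);
    if (n % 10000 == 0)
        return n / 100000.0;
    return (double)((n / 10000) + 1) / 10.0;
}

static double cia_weight(char v)
{
    return v == 'H' ? 0.56 : v == 'L' ? 0.22 : v == 'N' ? 0.0 : -1.0;
}

/* Returns the CVSS v3.1 base score, or -1.0 for an invalid vector. */
double cvss31_base_score(const char *vector)
{
    cvss_metrics m;
    if (cvss31_parse(vector, &m) != 0)
        return -1.0;
    if (m.s != 'U' && m.s != 'C')
        return -1.0;
    int changed = (m.s == 'C');
    double av = m.av == 'N' ? 0.85 : m.av == 'A' ? 0.62 : m.av == 'L' ? 0.55 : m.av == 'P' ? 0.20 : -1.0;
    double ac = m.ac == 'L' ? 0.77 : m.ac == 'H' ? 0.44 : -1.0;
    /* the Privileges Required weight is higher when Scope is Changed */
    double pr = m.pr == 'N' ? 0.85 : m.pr == 'L' ? (changed ? 0.68 : 0.62)
              : m.pr == 'H' ? (changed ? 0.50 : 0.27) : -1.0;
    double ui = m.ui == 'N' ? 0.85 : m.ui == 'R' ? 0.62 : -1.0;
    double c = cia_weight(m.c), i = cia_weight(m.i), a = cia_weight(m.a);
    if (av < 0 || ac < 0 || pr < 0 || ui < 0 || c < 0 || i < 0 || a < 0)
        return -1.0;

    double iss = 1.0 - (1.0 - c) * (1.0 - i) * (1.0 - a);
    double impact;
    if (changed) {
        double t = iss - 0.02, p = 1.0;      /* (ISS - 0.02)^15 without libm */
        for (int k = 0; k < 15; k++) p *= t;
        impact = 7.52 * (iss - 0.029) - 3.25 * p;
    } else {
        impact = 6.42 * iss;
    }
    double exploitability = 8.22 * av * ac * pr * ui;
    if (impact <= 0.0)
        return 0.0;
    double sum = changed ? 1.08 * (impact + exploitability) : impact + exploitability;
    return roundup(sum > 10.0 ? 10.0 : sum);
}

int main(void)
{
    const char *v = "AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N";   /* vector from the post */
    printf("%s -> %.1f\n", v, cvss31_base_score(v));
    return 0;
}
```

    For the posted vector the Impact sub-score is 6.42 x 0.22 = 1.41 and Exploitability is 8.22 x 0.55 x 0.44 x 0.27 x 0.62 = 0.33; their sum 1.745 rounds up to 1.8, matching the figure in the post.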

  25. ugh by fluffernutter · · Score: 0

    Independent Security Evaluators (ISE) published an assessment on Tuesday with the results of testing with several popular password managers.

    I have to snicker that anyone would fail so spectacularly. They realized just now that memory has to hold field data at some point?

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
  26. Still using pwsafe by godrik · · Score: 2

    Bruce Schneier, thank you for the fish!

    1. Re:Still using pwsafe by Anonymous Coward · · Score: 0

      It has the same problem, among other ones like not properly encrypting the data.

  27. Re: Smart cards & class 3 readers are built fo by Anonymous Coward · · Score: 0

    You're not worried because biometrics tied to your bank accounts are virtually unheard of. Make no mistake, people will be missing fingers if it becomes common.

    Sides, identity is not a password.

  28. yea well, that happened by Anonymous Coward · · Score: 0

    I've been warning about this for a while. Everyone called me an idiot or paranoid. You can see it happening w/ keepass for example using windbg, the password is showing up multiple times in the pagefile for example. They decrypt the string a lot and don't properly scrub it. This happens frequently for example when gauging the "bit" strength of a password and when decrypting to copy to clipboard etc. There is a lot of moving around in memory that is unnecessary. And, no attempt is made to virtual lock the byte buffers. They rely on SecureString to protect them without really understanding the implications of its use. I never checked lastpass because they were compromised only a year after their business began and their db was stolen.
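    The post above frames the problem as decrypted strings that are copied around and never scrubbed, with no attempt to lock the byte buffers. The following is an added example, not KeePass's or any other password manager's code: a minimal C secret buffer that attempts mlock() (POSIX; it may fail in a restricted environment, so the result is recorded rather than required), wipes through a volatile pointer so the zeroing cannot be dropped as a dead store, and a second scenario showing why wiping the original is not enough when a helper (a hypothetical stand-in for a GUI widget or a convenience copy) keeps its own untracked copy. The secret string is constructed for the demo, and `buffer_contains` is a crude stand-in for a memory search.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

/* Constructed demo secret; not a real credential. */
static const char DEMO_SECRET[] = "correct-horse-battery-staple";

/* A tracked buffer for decrypted secret material. */
typedef struct {
    unsigned char *data;
    size_t len;
    int locked;   /* 1 if mlock() kept these pages out of swap */
} secret_buf;

/* Zero through a volatile pointer: every store must be performed, even when
 * the buffer is freed right afterwards, which is exactly the case where a
 * plain memset() may be optimized away as a dead store. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Allocate, try to pin the pages, then copy the secret in. Returns 0 on
 * success; a failed mlock() (e.g. RLIMIT_MEMLOCK) is recorded, not fatal. */
int secret_buf_init(secret_buf *b, const void *src, size_t len)
{
    b->data = malloc(len);
    if (b->data == NULL)
        return -1;
    b->len = len;
    b->locked = (mlock(b->data, len) == 0);
    memcpy(b->data, src, len);
    return 0;
}

/* Scrub, unpin and release. The plaintext is gone from this buffer, but not
 * from any other copy made elsewhere. */
void secret_buf_wipe(secret_buf *b)
{
    if (b->data == NULL)
        return;
    secure_zero(b->data, b->len);
    if (b->locked)
        munlock(b->data, b->len);
    free(b->data);
    b->data = NULL;
    b->len = 0;
    b->locked = 0;
}

/* Does `needle` occur anywhere in the first hay_len bytes of `hay`? */
int buffer_contains(const unsigned char *hay, size_t hay_len, const char *needle)
{
    size_t n = strlen(needle);
    if (n == 0 || hay_len < n)
        return 0;
    for (size_t i = 0; i + n <= hay_len; i++)
        if (memcmp(hay + i, needle, n) == 0)
            return 1;
    return 0;
}

/* Scenario 1: one tracked buffer, scrubbed in place. Returns 1 when the
 * secret was present before the wipe and absent after it. */
int demo_tracked_buffer_is_scrubbed(void)
{
    secret_buf b;
    if (secret_buf_init(&b, DEMO_SECRET, sizeof DEMO_SECRET) != 0)
        return -1;
    int before = buffer_contains(b.data, b.len, DEMO_SECRET);
    secure_zero(b.data, b.len);
    int after = buffer_contains(b.data, b.len, DEMO_SECRET);
    secret_buf_wipe(&b);
    return (before == 1 && after == 0) ? 1 : 0;
}

/* Hypothetical helper standing in for a GUI widget, a strdup() in a utility
 * routine, or a framework string: it makes its own untracked copy. */
static char *display_copy(const unsigned char *s, size_t len)
{
    char *copy = malloc(len);
    if (copy != NULL)
        memcpy(copy, s, len);
    return copy;
}

/* Scenario 2: the original is wiped correctly, yet the helper's copy still
 * holds the plaintext. Returns 1 when that leak is observed. */
int demo_untracked_copy_leaks(void)
{
    secret_buf b;
    if (secret_buf_init(&b, DEMO_SECRET, sizeof DEMO_SECRET) != 0)
        return -1;
    size_t copy_len = b.len;
    char *ui = display_copy(b.data, copy_len);
    secret_buf_wipe(&b);                       /* original scrubbed */
    if (ui == NULL)
        return -1;
    int leaked = buffer_contains((const unsigned char *)ui, copy_len, DEMO_SECRET);
    secure_zero(ui, copy_len);                 /* what the copy's owner must also do */
    free(ui);
    return leaked;
}

int main(void)
{
    printf("tracked buffer scrubbed: %s\n",
           demo_tracked_buffer_is_scrubbed() == 1 ? "yes" : "no");
    printf("untracked copy leaked:   %s\n",
           demo_untracked_copy_leaks() == 1 ? "yes" : "no");
    return 0;
}
```

    The second scenario is the one the ISE summary in the story describes for KeePass: the application's own buffer is scrubbed, but a copy made by a UI or platform layer is not under its control, so every place a decrypted entry is copied to has to be tracked and wiped the same way.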

  29. I tried keepass once... for about 30 minutes... by gosand · · Score: 0

    I finally decided to try it a couple of years ago. I got it all set up with about a dozen passwords.
    The next time I opened it, they were all gone. No trace. I uninstalled it and went back to memorizing my passwords.

    I find those tools as a single point of failure. I have a password scheme that I use, and keep a list of plain-text reminders for each site. The reminder is so vague that nobody could figure out the password, but I instantly know which scheme I use.

    I still remember a password that a departing intern told me back in 1995. It was for one of our test systems, in case I needed it. It was the first letter of each word of a song lyric, and it still meets all modern password requirements. I have never used that password myself, but remember it to this day. I don't even need a hint.. but I could easily write down a simple fact about the artist if I ever needed to.

    --
    My beliefs do not require that you agree with them.

    1. Re:I tried keepass once... for about 30 minutes... by Anonymous Coward · · Score: 0

      You either repeat your passwords on multiple sites or don't go to very many sites.

    2. Re:I tried keepass once... for about 30 minutes... by b0bby · · Score: 1

      I have a couple of schemes which I use for a lot of my passwords, but there are enough unique ones that I find Keepass extremely useful. Not to mention that I keep note of a bunch of other data and my kids' passwords there too. Also my wife could use it if she needed to if I get hit by a bus.

      I've helped a bunch of people set up Keepass, and I have never seen the data disappear. But if you don't need it, your way is probably better!

  30. Found on windows 10 systems... by Anonymous Coward · · Score: 0

    So what you're saying is, people who care about security in the first place are all unaffected. Nothing to see here.

  31. Confusion in the comments by FeelGood314 · · Score: 1

    There are two types of attacks against systems like this.
    1 where the attacker modifies the system, hopes the victim doesn't notice and then steals information when the victim next uses the system
    2 where the attacker steals the system and then tries to extract information

    These attacks are against the latter, where I steal your laptop and then try and extract your passwords from the running machine. If your password manager is open and unlocked, then I can trivially get your passwords, but if the manager has been closed, then these attacks could reveal your passwords.

    I once tried to bid on writing the standard for Canadian Interac point of sale devices. The spec at the time failed to make this distinction.

  32. Uppercase, Lowercase, Number, Hindi, Klingon by Anonymous Coward · · Score: 0

    The problem with airgapped password storage is that if you don't absolutely despise typing your password in every time it's needed, it isn't long enough, isn't random enough, or you're a masochist.

  33. Partial Solution by Anonymous Coward · · Score: 0

    Write some stuff in code. Don't put your passwords in any password manager perfectly, instead you have a few words you memorize to slap in the middle of a password... but instead of those words, you use other words or numbers that remind you of those memorized words.

    Example being a real password of
    123slashdot456

    you put your codeword in there as
    123snake456

  34. Re: Smart cards & class 3 readers are built fo by Anonymous Coward · · Score: 0

    says someone with no money. Biometrics do come into play when we're talking about fuck you amounts of money.

  35. Phew by Anonymous Coward · · Score: 0

    It doesn't look like the best one, Bitwarden, is affected.

  36. even Q-class answer to an ROI by epine · · Score: 1

    If you're determined enough as a 3-letter agency to get in, then you can also disappear the person.

    Yes, of course. The good, old TLA infinite-budget porn.

    Your position in the security food chain determines how much they are willing to spend. Even well-heeled Q-class spooks answer to an ROI at scale.

    Of course, part of the signal about your rung on the security food chain is determined by how effectively you armour yourself with effective prophylaxis.

    This is why security culture can only work as a public good, wherein everyone on principle uses the highest caliber of security practical. When security is practiced exclusively on an as-needed basis, it only helps to paint a more accurate bull's eye on your backside.

    All the TLAs must surely love the useful idiots who distract from the economic model that prevails here, by ranting at high pitch about naked capabilities, as there are no endemic constraints on their side of the fence.

  37. Pass word managers by Anonymous Coward · · Score: 0

    What if your CPU is hacked, or a bad guy turns it on or can log on by some method? Are all your logons and passwords now available via selecting the LastPass icon? Hacker gets on and opens Yahoo mail, then pulls down the LastPass "recently used" or "matching sites"? Is the hacker into much of your stuff??

  38. Use pass by allo · · Score: 1

    The standard unix password manager is in many aspects more secure than the bloated ones: https://www.passwordstore.org/

    - It is minimal. It is a short bash script, that you can read completely before using it.
    - It uses standard tools like gpg for storage and pwgen for password generation
    - It has a simple command line with some uncomplicated graphical frontends
    - It does not leave anything in memory, as it terminates when it has finished copying the password to your clipboard or writing it to the console (or into the pipe of some other program).

  39. xdotool = no clipboard by Anonymous Coward · · Score: 0

    On *NIX systems running X11, you can use xdotool to 'type' a password as if it were typed from a keyboard. I use pass (password-store) with a script that decrypts through xdotool. The clipboard never gets used. I wonder if other OSes have a similar capability.