What this seems to be, in essence: password = HMAC(key, website).<p>Why this is bad, compared to an encrypted on-disk key store:<p>1. A password is now ciphertext, not a block of line noise. Every time you transmit it, you are giving away potential clues of use to an attacker.<p>2. The search space for possible passwords is bounded if you know the website. You are subject to key guessing attacks. If your key is short, pure serial guessing will break it fast.<p>3. They don't need any access to you or your stuff, to guess a key. They don't even need access to the server, it can be guessed on an unrelated machine. You don't have the opportunity to detect a break-in and neither does your bank, etc.<p>4. You only have one password for all the sites, really, underneath, and it's your secret key. If it's broken, it's now a skeleton-key and your digital ass is theirs.
I really dislike the copy/marketing of this tool. OK, so it doesn't sync? How does it work? <i>reads whole front page and all features</i>.
No sync, but access anywhere? How does it work?? *clicks the "How it works" link and reads another 5 paragraphs of "This is great. It's so simple. It works really really well. You can phone people and they'll tell you how well LessPass works". Finally, after clicking on the link and scrolling past a bullet list and stylised quotation, we get<p>"The trick is to compute passwords rather than generate and store random passwords.<p>LessPass generates unique passwords for websites, email accounts, or anything else based on a master password and information you know."<p>"Next-gen", "Anywhere, anytime", "Manage directly from your browser". These are all super cliched, really cheap phrases that I really dislike. The front page is full of them. If you're marketing a luxury yacht trip to people with more money than sense, then sure you're probably going to get good results by writing like this. But the folk reading about this are going to be pretty technical and I'm sure everyone would appreciate to see something like "We provide a function that generates a memorable password from the site name and your master password" on the front page, above the fold.<p>In terms of entropy, you may as well come up with your own function. Security through obscurity is bad (no one knows the function you use to generate site specific passwords) but it's better than security through less obscurity (use a public function that a bunch of other people are using).<p>You can't get free entropy. If you care about your passwords not being broken when a database of hashes is dumped, you need to use a long, securely generated, random password. Sure, this is better than using the same password everywhere, but it's not really an alternative to something that uses proven cryptography to generate secure unique passwords. Passwords generated using this are only as good as your master password, with some obscurity thrown in.
It's great people are exploring this problem space, but so far nothing comes close to <a href="https://www.passwordstore.org/" rel="nofollow">https://www.passwordstore.org/</a> which is just a wrapper around gpg and git. It has Android/iOS clients, as well as GUI clients.<p>On Android I use Password Store + OpenKeychain, the UX with a YubiKey is very smooth.<p><a href="https://fossdroid.com/a/openkeychain.html" rel="nofollow">https://fossdroid.com/a/openkeychain.html</a> <a href="https://fossdroid.com/a/password-store.html" rel="nofollow">https://fossdroid.com/a/password-store.html</a>
Others have expressed most of them, but issues I see with this is:<p>* Algorithm can't be changed/improved without changing all your passwords.<p>* Your master password can't be changed without changing all your passwords.<p>* You have to remember yourself at what sites you are already registered, and in case of critical bug, you would perhaps need to change password at some services (again remembering which ones they were).<p>With that said, I really like the outside-of-the-box thinking on this.
How do you deal with sites whose password requirements don't match the output of LessPass? How do you handle the fact that sites want you to change your password? Yes. There's a counter field, but how do you know what site uses what version of the counter? How do you change the master password without having to change all passwords?<p>Thing is: There's a solution for all these problems: All you have to do is actually generating a random password and store that (in-fact, that's the solution proposed by LessPass to use for these special cases. But if you have storage for the special cases, why not just store the passwords to begin with?)<p>You don't want to sync it because you don't trust the client-side encryption used in all the managers out there? Use a piece of paper to write the passwords down. Or use a device you constantly carry with you as your password store.<p>While there are tons of workarounds for the issues of stateful password managers, there are none for the stateless ones (aside of storing the state somewhere, but if you're doing that, why not just store the password?)
I'm the creator of LessPass. We did not expect as many visits on our website. Thank you. We are working on:<p>* encrypt password profiles client side.<p>* help user change their master passwords (<a href="https://github.com/lesspass/lesspass/issues/36" rel="nofollow">https://github.com/lesspass/lesspass/issues/36</a>)<p>* mobile version(<a href="https://github.com/lesspass/lesspass/issues/6" rel="nofollow">https://github.com/lesspass/lesspass/issues/6</a>)<p>Change his master password seems to be the biggest problem for many of you. We will address this problem as a priority.
I don't know what these are used for, but secret keys generated from current time are easy to guess. You only have to try around 2^24 values if you can estimate installation time within a specific year.<p><a href="https://github.com/lesspass/lesspass/blob/master/lesspass.sh#L16" rel="nofollow">https://github.com/lesspass/lesspass/blob/master/lesspass.sh...</a>
We need to re-think passwords. Password re-use is a big problem for technical and non-technical users alike, because managing a unique generated password between devices is hard. Dealing with password managers and syncing password lists back and forth is super frustrating to users. None of the existing tools work quickly and easily on all the different devices a user could be using, so at some point everyone that uses a password manager is going to be stuck fighting their password manager to log into a website. The user will likely perform a password reset, which will send an email that allows the user to bypass the password entirely.<p>Why not provide people with a quick and easy "login by email", since this fallback is almost always available anyway? Slack does this <a href="https://auth0.com/blog/how-to-implement-slack-like-login-on-ios-with-auth0/" rel="nofollow">https://auth0.com/blog/how-to-implement-slack-like-login-on-...</a> and allows people to have accounts with no password memorization. You're not making the login any less secure - any attacker with access to a user's email can almost always perform a password reset anyway.
Not-so-good good idea?<p>Given that you already have dozens of site with their own passwords, you just can't import your passwords, but you need to change all of them to start using lesspass first.<p>Also, if the way the generation of passwords works changes later (i.e. bug), then the users are stuck with a version, or the bug is never fixed, ever.
I am surprised Stanford PwdHash [0] has not been mentioned yet as an alternative, which has extensions for Chrome, Fx, Safari, Android, iOS, Terminal and other software.<p>[0] <a href="https://pwdhash.com/" rel="nofollow">https://pwdhash.com/</a>
While the idea sounds alright (and I've seen similar ideas done before), there are a few problems with this system that make me quite cautious about trying it:<p>* In order to handle different password complexities, regeneration of passwords and similar setting, you have to use a "connected" version (read: you have to store the configuration). In addition, the configuration they have includes potentially sensitive information (password length, number of times password was changed, list of websites I use, <i>my username on the site</i>). And currently those profiles are unencrypted. So you in order for it to be useful it's no longer sync-less. As an aside, my bank (foolishly) uses my generated username as a "privileged" piece of information -- which means that I literally could not use this manager for my bank.<p>* You can't change your master password without updating all of your site passwords. This also means you can't import your old passwords without just changing them all. IMO this makes LessPass not a password "manager". It's a password generator.<p>* Also, the profile doesn't appear to contain any configuration details for the PBKDF, which seems like a bad idea (it means that they can never practically update the PBKDF without introducing backwards compatibility in the profile settings). Also not sure why they're using SHA when there are better password hashing algorithms.<p>* Aliases are impossible to implement (without adding more information to the profile), which just makes this impossible to use with SSO systems (I'm not going to remember which of the 5 different hostnames I used to generate a password I use once a year).<p>I've got to admit that I kinda like the symbols shown next to your password to make sure you're using the right master password, but there doesn't seem to be any description how that's generated. My guess is that it's similar to SSH keyart (which then brings up the question how often will collisions happen with only X^3 options, and can you have two passwords result in different orderings of the same tokens).<p>Overall, seems like an okay idea. But I would prefer if someone just offered a nice way to host your KeePass databases (or rather if there was an app that did it). You could probably do it with git and push to GitLab or something, but that is just ugly to do manually.
Don't use this if you're ever going to type in a password where the screen might be shared -- the constantly-updating "is my password correct" glyphs give away enough information to make it super trivial to decode by eye.<p>PS: the password for the demonstration gif is "passwordpassword"
The _prettyPrint [1] and _getPasswordTemplate [2] functions they use to get from the HMAC to the actual password seem to have a lot of issues:<p>- _prettyPrint calls into _getPasswordChar which will then take the character code modulo the length of the array of possible characters [3], which is usually going to be biased if the character code is not uniformly distributed between 0 (inclusive) and a multiple of the length (exclusive).<p>- It's even worse because the input to _prettyPrint is the HMAC encoded as a hexadecimal string. The impact of this depends on the size of the possible character array, but in several cases, some of the options can never be chosen and others will be chosen twice as often as others that can be chosen.<p>- Using the hex encoding also drastically reduces the number of possibilities for a given length even if that input was then used in a less flawed fashion.<p>- _getPasswordTemplate appears to treat a password with lowercase/uppercase letters as a series of alternating vowels and consonants (by appending 'vc' or 'VC' to the password template).<p>- It also generally seems to define "password containing X and Y char types" as "password containing X char type, then Y char type, then X, then Y, and so on".<p>[1]: <a href="https://github.com/lesspass/core/blob/master/lib/index.js#L82" rel="nofollow">https://github.com/lesspass/core/blob/master/lib/index.js#L8...</a><p>[2]: <a href="https://github.com/lesspass/core/blob/master/lib/index.js#L66" rel="nofollow">https://github.com/lesspass/core/blob/master/lib/index.js#L6...</a><p>[3]: <a href="https://github.com/lesspass/core/blob/master/lib/index.js#L117" rel="nofollow">https://github.com/lesspass/core/blob/master/lib/index.js#L1...</a>
I've used PasswordMaker in the past which uses the same concept but recently moved away from it. Changing passwords is a pain as you now have to remember special parameters for certain pages. Even worse, in case of a compromise of your master password, you're toast. The same is true when losing your password manager database + credentials, but at least you will have a list of all your compromised records which you would have to keep separate in this case.<p>I've moved to KeeWeb since then + CPK for Chrome and Keepass2Android on my phone and couldn't be happier.
What happens when the method of creating passwords needs updating, do I then need to visit countless numbers of sites to change the password?<p>I like the idea don't get me wrong, I just can't see all of the downsides right now which will stop me using it.<p>Elephant in the room: Are you going to be sued by lastpass for the name?
I wouldn't use a password manager system that doesn't have the ability to change the master password.<p>EDIT: You can't change any password really, without changing all of them (or having a separate master password). Seems unpractical as soon as, for example, site X gets its database hacked.
I have created Alzheimer Password Manager on the same ideas as this one.<p>I believe the better idea is to use also user specific salt per browser. In that case, the passwords are more unique, and the threat model changes dramatically.<p>Current Threat Model:<p>* No one with an access to the PC with installed extension should be able to authenticate without knowing the correct passphrase.<p>* The same passphrase used in two different web browsers should produce two different passwords (cryptographic salt will solve this problem).<p>* If an attacker obtains password for some websites, she should not be able to derive passwords for another websites using that knowledge.<p>* Attacker should not be able to brute force master passphrase from the salt and knowledge of one password (PBKDF with lots of iterations).<p>* it provides protection against basic keyloggers (but they can read our salt from the memory / file...)<p><a href="https://chrome.google.com/webstore/detail/alzheimer-password-genera/emclcafdgdeodlhpenmejdapecfgenof" rel="nofollow">https://chrome.google.com/webstore/detail/alzheimer-password...</a><p><a href="https://github.com/viralpoetry/password-generator" rel="nofollow">https://github.com/viralpoetry/password-generator</a>
One issue with this is that URLs for sites can, and in my experience, often do, change, while logins remain the same. A password that uses the URL/site itself may no longer work unless you can remember the old site. That's a headache. I used to have my own mental model of generating a password based on a URL, and it eventually failed several times over because of this issue.
I started using Nic Wolff's password generator[0] to solve that very problem, but I noticed that the need for connected passwords makes up a large size of the passwords that I needed to use, so I gave up on the idea of "store nothing passwords". The idea of generating always the same password for the same site is also doesn't work, because of database breaches, so in the end I created a program[1] that did all the things I needed. Check the README to know how it works.<p>[0] - <a href="http://angel.net/~nic/passwd.current.html" rel="nofollow">http://angel.net/~nic/passwd.current.html</a><p>[1] - <a href="https://github.com/marceloslacerda/password_generator" rel="nofollow">https://github.com/marceloslacerda/password_generator</a>
Very cool project!<p>One thing though, LessPass sets HSTS headers, but should include the `includeSubDomains` directive and the `preload` directive to stop a first time MITM (for example, when you get a new phone). Once these are done, LessPass should be added to various browser preload lists.
What happens if a site requires you to change passwords regularly and keeps a history of the passwords you've used? Wouldn't you be locked on a single password for each site (or a very limited number of options to force the app to change it)
I may be the inventor of in-browser hash-based password generation – at any rate, most of the early variants like SuperGenPass [1] credit mine [2] as the original. And I still use it for low-value sites – but I let iCloud Keychain generate, store, and sync passwords for e-commerce sites and e-mail services, for all the reasons mentioned by others here.<p>[1] <a href="https://github.com/chriszarate/supergenpass/wiki/FAQ" rel="nofollow">https://github.com/chriszarate/supergenpass/wiki/FAQ</a><p>[2] <a href="http://angel.net/~nic/passwd.current.html" rel="nofollow">http://angel.net/~nic/passwd.current.html</a>
I used to use SuperGenPass[1] to do exactly this, but what you'll soon find is that every website has slightly different password rules, so you'll have to start memorizing unique settings for each site (i.e. website X can't have certain chars, website Y can't be longer than 12 chars, etc...). Then you run into the issue of multiple things you need to remember, such as secret answers for various questions, birthdays that you may lie about, etc...<p>Much easier to just use a vault to store all this.<p>[1] <a href="https://chriszarate.github.io/supergenpass/mobile/" rel="nofollow">https://chriszarate.github.io/supergenpass/mobile/</a>
I did roughly the same thing twelve years ago, with even less security built in (hey, I was young(er)):<p><a href="https://bookmarklets.arantius.com/password+maker+bookmarklet" rel="nofollow">https://bookmarklets.arantius.com/password+maker+bookmarklet</a><p>I did not market it so heavily. It has the same problems, most importantly rotation. As soon as you want to rotate one site's password the only option is to change the "master" password, but now you need to remember which site uses which master password, and your utility is gone. The random site requirements, as mentioned, is also a big deal.
OK, fine. This is one thing I can finally use.<p>(I can't use regular storage-based password managers, as I have ADD and I will lose my password file. If it is backed up, I will lose a backup, or I will forget to update it when passwords are changed, or something else. I always screw such things up, this is absolutely inevitable, so I have to prepare. To compensate, my symbolic memory is excellent, so I just chose to memorize all my passwords, as I can't lose my head. But even my memory has limits, and I had to lose some entropy on my passwords to keep them all in my head.)<p>Now, I will get the best of both worlds.
Aside from the security concerns already noted I have two major questions:<p>1) How do I change my master password? It appears that all generated passwords would change as well. Even master passwords should be expirable and changeable.<p>2) I don't just use a password manager to manage passwords. I use it to manage _credentials_. I have a ton of credentials, so I need something that will remember the _usernames_ for me as well. Otherwise I don't just have to memorize the master password - I also have to memorize the usernames for the hundreds of different logins I'm managing. That's a non-starter.
How it works roughly: <a href="https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4#.wwoj952kz" rel="nofollow">https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4...</a><p>It seems they take info from the site (its name?) plus your master password and hash them - "LessPass uses PBKDF2 with 8192 iterations and a hash function sha-256."<p>I guess they then produce something of the required length and characters from the hash.<p>Guess it's ok till someone finds your master password.
I use [pass](<a href="https://www.passwordstore.org/" rel="nofollow">https://www.passwordstore.org/</a>) which is an open source command line password manager. It uses gpg to encrypt passwords which in turn is setup to use a hardware key with its own password. The downside is the metadata which is exposed in file system tree, however the data is stored on a dm-crypted disk. Difficult to setup but much more secure.
Enpass is my goto, recently recommended it to some people as well and all are happy. I have it on my phone as well as work PC, personal laptop and a linux box. One master password and it's all local, I just use dropbox to sync the encrypted "wallet" so I have my accounts on all my devices. <a href="https://www.enpass.io/" rel="nofollow">https://www.enpass.io/</a>
See also gnu-pw-mgr (CLI):<p><a href="https://www.gnu.org/software/gnu-pw-mgr" rel="nofollow">https://www.gnu.org/software/gnu-pw-mgr</a><p>It generates passwords based on a secret key ("seed") and memorized transformations to URLs. You can adapt that to use a master password, if you so desire, by using a password as a base for such a transformation, but that's not built in.
I wrote a short blogpost about LessPass, it's security and what should be done in near future. You can find it here: <a href="http://lsrom.cz/blog/2016/11/08/lesspass_why_holding_back_gets_you_nowhere.html" rel="nofollow">http://lsrom.cz/blog/2016/11/08/lesspass_why_holding_back_ge...</a>
How is this better/worse than <a href="https://addons.mozilla.org/en-US/firefox/addon/easy-passwords" rel="nofollow">https://addons.mozilla.org/en-US/firefox/addon/easy-password...</a> which claims that "No web servers involved, the data never leaves your computer."?
Same as this one - <a href="https://ssl.masterpasswordapp.com/" rel="nofollow">https://ssl.masterpasswordapp.com/</a> and also same problem that if you need to change your master password, all the passwords of all your websites becomes invalid. I really don't see how this kind of solution is workable.
Why do none of the password managers integrate a decent xkcd password option? I like having a complex password, but God forbid I have to ever read it from my phone and type it somewhere else. xkcd is easy. Use a word dictionary pick a few words and delimit them with special characters. Mix the case as an option, too.
I made something similar to this: <a href="https://github.com/libeclipse/visionary" rel="nofollow">https://github.com/libeclipse/visionary</a><p>Works by using a master password and a keyword to generate a seed, then applies various deterministic algorithms to generate multiple passwords.
Nice idea and willing to try it, but..<p>"The requirement for self-hosting is to have docker and docker-compose installed on your machine."<p>Fsck that.<p>If I will trust this with my passwords, I need to know how to _really_ install it. I can't trust you if all you have to offer is a steaming pile of docker or your idea of how I should run my systems.
I wish someone would make a sync-friendly open source password manager. Something like KeePass, but with fewer features, user initiated auto-fill, has a client on just about all platforms, and is designed ground-up to live on a file sync service like Dropbox or Google Drive.
If you re-generate the password for each site, rather than sync, it means (1) you can't change your password on that site, (2) if any site puts in the effort to brute-force guess your password, they will have access to <i>all</i> the sites you visit.<p>This is not a good idea.
I did a quick over-look of the information on the site, but it looks to me that this is a pretty bad 'password manager'<p>it looks like anyone can try to brute force your password based on the login/site combo. can someone tell me why i'm wrong here?
Wouldn't enabling two-factor on the primary login and naming sites whatever you want solve most gripes with this (in the comments here)?<p>i.e. I name hacker news hn or hack, as opposed to news.ycombinator.com - one more thing to guess for an attacker.
This only confirms one thing: How we're doing account security is inadequate at best. Perhaps LessPass comes up short, but that's more a symptom of the broader problem than it is a mistake on the part of LessPass and its ilk.
Here a write up on how it works: <a href="https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4#.3lqvm28uu" rel="nofollow">https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4...</a>
I've written a native app (in C++ with wxWidgets) with the same principle: <a href="https://bixense.com/pwcalculator/" rel="nofollow">https://bixense.com/pwcalculator/</a>
Obligatory post about password generators: <a href="http://crypto.stackexchange.com/a/5691/291" rel="nofollow">http://crypto.stackexchange.com/a/5691/291</a>
I've been using a similar tool long time ago:
<a href="http://angel.net/~nic/passwd.current.html" rel="nofollow">http://angel.net/~nic/passwd.current.html</a>
A more developed and mature implementation of a stateless password manager is <a href="http://masterpasswordapp.com" rel="nofollow">http://masterpasswordapp.com</a>
Is this better than this: <a href="https://ssl.masterpasswordapp.com/" rel="nofollow">https://ssl.masterpasswordapp.com/</a> ?
I feel like most of the complaints here are about stateless password managers/generators in general. If not being able to change your master password is an issue to you, then this type of password manager is not for you. The cryptographic arguments seem more valid and worth considering if you plan to use this. I was planning to build something very similar to this as I came to the same conclusions as the creator of LessPass, that the existing solutions are not satisfactory for my use case.<p>My current choice in software of this type is Twik (<a href="https://github.com/gustavomondron/twik" rel="nofollow">https://github.com/gustavomondron/twik</a>) because it has an Android app available from F-Droid and an extension I can install in Chromium. The browser extension is especially good but not without faults. For daily use I find this adequate but I find myself in situations where I need to access a password outside of a browser or my phone which is a huge pain. Other drawbacks include no ability to change or bump the password to a new one without creating a new profile. Keeping my phone and computer in sync is also slightly annoying as you need to manually copy the UUID (long-ish complicated string) which is used to identify each profile.<p>I think a lot of these issues could be overcome by relatively simple solutions just by applying some sensible design without going all in and trying to be everything at once like LessPass is. If, for example, Twik generated QR codes for its profile keys which you could scan in the mobile app, it would speed things up massively. If it had a compatible CLI interface and a macOS menu bar application, it would be fantastic.<p>I'd also rather not bother with creating an account with another service just to sync my password version numbers and silly password rules that sites implement. The ability to self-host LessPass is nice but do I really need to bother with this? What's wrong with syncing this information in a simply formatted, maybe also encrypted, text file with services I already use such as Dropbox or Google Drive? Also, why is the default password length 12 characters? It's a small gripe but I thought the whole point of using software like this was to enforce good password practices.<p>I think <a href="https://getvau.lt/" rel="nofollow">https://getvau.lt/</a> gets pretty much everything right other than having to remember the rules of each password every time you generate it which, for me, isn't much better than remembering different strong passwords for multiple sites.<p>I've been hoping for some time that somebody would create a solution that I feel makes sense so I was excited to see this post but unfortunately it seems to have too many drawbacks for me personally to incorporate into my daily life. The open source nature of a lot of these products is very helpful and will hopefully reduce the effort I will have to eventually put into building a solution that gets out of my way.
When I find stuff like this that uses SHA256, I instantly just tune out. SHA256 is stupid. Use SHA512 or find another line of work. SHA512 is astronomically more secure. Anyone who is using anything less than SHA512 for hashing is an idiot.