
Breaking into 1Password, KeePass, LastPass and Dashlane

25 points by sashk, almost 8 years ago

14 comments

dsun180, almost 8 years ago
The article says the author is basically unable to break into the password vaults. Please rename the clickbait title.
linopolus, almost 8 years ago
So what. I use 1Password, which the article says holds to 95,000 passwords per second with one GPU. So if, say, my password is 10 characters, only alphanumerical (a-zA-Z0-9) without any symbols, it takes this one GPU 62^10/95000 = 8834730167035.16 seconds or ~280,000 years to try all combinations. Even with 1000 GPUs and technical progress, easily more than a lifetime.

As my pass phrase is significantly stronger than that, I'm absolutely not worried.
Reply #14979817 not loaded
galadran, almost 8 years ago
Pretty misleading!

They test an old version of Keepass with an old KDF (they recently switched to Argon2, which is much more resistant to GPU/ASIC attacks). Additionally, KeepassDroid is intended to use vaults synced to the device via Google Drive, Dropbox or whatever, so having the vault in private storage makes no sense!
Reply #14982324 not loaded
dikaiosune, almost 8 years ago
From this article, it sounds like they have a very specialized GPU-accelerated brute force mechanism for local database backups?

Assuming they have something like rainbow tables for short passwords on all of these managers, it still seems like it would take a *very* long time to correctly guess longer master passwords (say 20+ characters). No?
Reply #14979607 not loaded
jaclaz, almost 8 years ago
Only to put the site into some context, Elcomsoft is a known provider of "password breakers" for several programs, normally used for digital forensics.

This does not equate to "attack" or "remote attack".

It is mainly about having (legal) access to a seized storage device and trying to extract from it as much information as possible.

Although using the single NVIDIA GPU of a "normal" desktop is possible, normally some specialized hardware is needed/used (usually arrays of GPUs) to achieve a relatively high brute force attempt rate, something *like*:

https://www.shellntel.com/blog/2017/2/8/how-to-build-a-8-gpu-password-cracker
kip_, almost 8 years ago
So they're brute forcing the master password for these databases. Why should I be worried if I'm using a non-dictionary multi-word passphrase as my master password?

"Different password managers employ different approaches to security. As an example, LastPass generates the encryption key by hashing the username and master password with 5,000 rounds of PBKDF2-SHA256, while 1Password employs even more rounds of hashing. This is designed to slow down brute-force attacks, and it almost works. Granted, these are still nearly an order of magnitude less secure than, say, Microsoft Office 2016 documents, but even this level of security is much better than nothing." I'm guessing they meant more secure than Office 2016.
Reply #14979863 not loaded
Analemma_, almost 8 years ago
This article is nothing but marketing fluff promoting the author's software. It's an offline brute-force attack against encrypted database files that of course works if you have a weak master password, but is otherwise useless.

Nothing to see here, move along.
zie, almost 8 years ago
If you want to know how long it will possibly take in actual time, I did all the math for you (with Python code): https://gist.github.com/birlorg/cbde00767403f0ac554ea9d28178b1fb

For instance: commonChars of 1password of password length 20 will take 255,421,331,666,477,399,723,386 years, 3 months, 18 hours, 38 minutes, 39 seconds time

Well, this is the maximum amount of time; it could take considerably less than this, unless your password happens to be the very last one it tries to crack.
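The kind of arithmetic linopolus and zie are doing (keyspace divided by the attacker's guess rate) is easy to get wrong by hand, so here is a small estimator as an added example. It is not zie's gist and not code from the thread or from Elcomsoft; the only figures it takes from the discussion are the 95,000 guesses per second quoted for 1Password and the 5,000 PBKDF2 rounds quoted for LastPass. The `rate_at_rounds` helper assumes attack cost scales linearly with KDF iteration count, which is a reasonable model for PBKDF2 but understates how much a memory-hard KDF such as Argon2 slows a GPU attacker, as galadran points out.

```python
"""Brute-force time estimator for a vault master password (added example).

Inputs are the alphabet size, the password length and the attacker's
guess rate; outputs are keyspace, entropy and worst/expected time.
The 95,000 guesses/s and 5,000 rounds used in __main__ are the figures
quoted in the thread; everything else is a constructed illustration.
"""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600  # Julian year, good enough for estimates

# Alphabet sizes for common master-password policies
CHARSETS = {
    "digits": 10,
    "lowercase": 26,
    "alphanumeric": 62,      # a-z, A-Z, 0-9 (the case in linopolus's comment)
    "printable_ascii": 95,
}


def keyspace(charset_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` characters."""
    return charset_size ** length


def entropy_bits(charset_size: int, length: int) -> float:
    """Search-space size in bits (log2 of the keyspace)."""
    return length * math.log2(charset_size)


def seconds_to_exhaust(charset_size: int, length: int, guesses_per_second: float) -> float:
    """Worst case: every candidate is tried. On average the attacker needs half this."""
    return keyspace(charset_size, length) / guesses_per_second


def years_to_exhaust(charset_size: int, length: int, guesses_per_second: float) -> float:
    return seconds_to_exhaust(charset_size, length, guesses_per_second) / SECONDS_PER_YEAR


def rate_at_rounds(base_rate: float, base_rounds: int, new_rounds: int) -> float:
    """Scale a measured guess rate to a different KDF iteration count.

    Assumption: cost grows linearly with rounds (PBKDF2-style KDF). A
    memory-hard KDF such as Argon2 hurts GPU attackers more than this predicts.
    """
    return base_rate * base_rounds / new_rounds


def summarize(charset_size: int, length: int, guesses_per_second: float) -> dict:
    """Collect the numbers a defender wants when judging a master-password policy."""
    worst = years_to_exhaust(charset_size, length, guesses_per_second)
    return {
        "keyspace": keyspace(charset_size, length),
        "entropy_bits": round(entropy_bits(charset_size, length), 1),
        "worst_case_years": worst,
        "expected_years": worst / 2,
    }


if __name__ == "__main__":
    # linopolus's figures: 10 alphanumeric characters at 95,000 guesses/s
    print(summarize(CHARSETS["alphanumeric"], 10, 95_000))
    # The same attacker against a 20-character password from the same alphabet
    print(summarize(CHARSETS["alphanumeric"], 20, 95_000))
    # Guess rate if the 5,000-round baseline is raised to lousken's 2,500,000 iterations
    print(rate_at_rounds(95_000, 5_000, 2_500_000))
```

The worst-case figure is the one people usually quote, but `expected_years` (half the keyspace) is the better planning number, and both assume the attacker is guessing uniformly; a master password drawn from a dictionary or a predictable pattern has a far smaller effective keyspace than `charset_size ** length` suggests.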
directionless, almost 8 years ago
The google text cache works. http://webcache.googleusercontent.com/search?q=cache:https://blog.elcomsoft.com/2017/08/one-password-to-rule-them-all-breaking-into-1password-keepass-lastpass-and-dashlane/&num=1&strip=1&vwsrc=0
disconnected, almost 8 years ago
Keepass' security measures, described here:

http://keepass.info/help/base/security.html

A question: does anyone have any idea why it is so much slower to crack Rar5 and Office 2016 than these password databases? What sort of magic sauce are they using to reduce the amount of guesses/second?
Reply #14979596 not loaded
Reply #14979735 not loaded
xxkylexx, almost 8 years ago
I'm confused, since the article never highlights any of the facts about the strength of the master password used to protect the vault. Of course a weak master password can easily be broken with an offline GPU-accelerated attack.
lousken, almost 8 years ago
You can use keepass to benchmark your CPU for how many iterations should be used. I did the one second delay and divided it by ten so that I can use it on my phone without a huge delay. (2 500 000 iterations)
tomtoise, almost 8 years ago
Forgive the naive question, but would 2FA completely mitigate this attack, assuming that the org trying to access a key vault did not have access to the 2FA device?
Reply #14979474 not loaded
jms703, almost 8 years ago
website broke
Reply #14979451 not loaded