科技回声 (Tech Echo)

A tech news platform built on Next.js, offering global tech news and discussion.
The quest for a family-friendly password manager

111 points, by jhvkjhk, over 2 years ago

31 comments

jawns, over 2 years ago

If you're looking at this problem not as a technical person, but just as someone looking for the most practical solution to the problem ... Chrome's built-in password management is the obvious mass-market solution.

It suggests (relatively) strong passwords, it discourages password re-use, it surfaces when you use passwords that have been found in a data breach, and it allows you to access these passwords across devices.

I have no idea about the cryptographic strength of Chrome's offerings, but the fact that it is the leading browser worldwide means that it's going to be dead-simple for most people to adopt, even those who are decidedly non-technical.

(Personally, I use Bitwarden and 1Password, but I'm a software engineer. I would not expect my elderly family members to do the same, especially because both involve installing and maintaining browser extensions that can be finicky when Chrome updates.)

comment #34222829 not loaded
comment #34221920 not loaded
comment #34223359 not loaded
comment #34221442 not loaded
itake, over 2 years ago

I read his requirements and thought Bitwarden met all of them. The author discusses Bitwarden and instead of acknowledging it meets their expectations, points out more issues.

I don't really see why a "family-friendly" version cares about the underlying tech or file size of the CLI clients, but maybe grandma or kids these days do get upset when they run a program that is 8.0 × 10^-5 of their 1 TB HD.

comment #34221846 not loaded
comment #34220822 not loaded
comment #34220947 not loaded
jillesvangurp, over 2 years ago

I recently had to coach a co-worker to do something more sane than store her passwords in a plain text file on her private Google Drive (seriously!). This is what real people do when you confront them with a lot of complex security. The reason I discovered this was that I had to talk her through setting up 2FA for our company's Google account because she lost her phone. And then I discovered that she was copy-pasting passwords from this stupid text file. Which, btw., really sucks on mobile.

She's now a Bitwarden user. Mind properly blown. Next she'll be using it to use generated passwords. Amazing. Bonus points if she starts using 2FA for her private accounts. From what I've seen she doesn't, and she uses a small set of easily guessable passwords all over the place. But at least they now come from a password manager. But it's not really a scalable solution because I don't have the time or patience to coach all of our people. And yes, we do have a security policy that spells all of this out. I wrote it. It helps, but people default to doing the wrong things.

Ultimately, that's why we need to get rid of passwords. There's a group of users for whom all this security stuff is just way too difficult. We need to make it simpler for them to stay secure, not harder. Forcing them to remember lots of different passwords backfired and necessitated password managers. Passwordless logins are now a thing with several companies. It takes a bit of ingenuity to make that work, but it usually boils down to multi-device/factor authentication with some ultimate fallback.

comment #34223319 not loaded
comment #34223202 not loaded
comment #34223347 not loaded
comment #34223842 not loaded
jeroenhd, over 2 years ago

The lamentations about Bitwarden's heavy clients really ring true. On my phone, simply opening the password manager to unlock the vault can be enough to make the application I was trying to log into go OOM. Integration with my keyboard of choice (SwiftKey) is also questionable, and then Firefox adds another layer of weird behaviour that makes autofills too difficult for me to recommend it to my family.

When I first read about the command line Bitwarden client I just laughed at its absurdity. I'm tempted to write my own Bitwarden compatibility library and maybe a command line or GUI that doesn't require an outdated copy of Chrome to run, but doing security software right takes time and research I don't want to commit right now.

I also remember going from my self-hosted Bitwarden instance to Vaultwarden and seeing the memory requirement drop several gigabytes. I like Bitwarden's browser integrations for the most part, but the nice GUI comes at a big performance cost.

Perhaps my 900 secrets are too much for a password manager to handle, but I don't think whatever computation the program does on the encrypted secrets warrants this much overhead.
quaintdev, over 2 years ago

I prefer self-hosting things, so KeePassXC was actually perfect for me. You have a KeePass client on each of your devices and Syncthing keeps all devices in sync. No third party involved! If you are looking to self-host, I compared a few applications in my blog post below:

https://rohanrd.xyz/posts/self-hosting-password-manager/

comment #34222697 not loaded
comment #34221877 not loaded
comment #34223367 not loaded
comment #34224193 not loaded
waffl, over 2 years ago

For me the main barrier has been convincing my family to actually take password management seriously. My entire family has had their emails hacked at least twice due to poor/reused passwords that have been in leaks, constantly forget IDs/passwords, and are constantly overwhelmed with the idea that they need to keep track of all these things.

I've set up a 1Password family and set up accounts/vaults on everyone's computers/phones/tablets, yet they still find it too troublesome to use rather than simply writing passwords down in plaintext in their notes apps or just on sticky notes attached to their computers etc...

If anyone has had success encouraging family to use a password manager I would love to hear any tips, as I've sat my family down every holiday season to reset everyone's forgotten passwords and walk them through everything, practice creating/saving/using passwords, and within a day it's all forgotten again. Like backups, I feel like no one takes it seriously until something truly horrible happens.

comment #34220405 not loaded
comment #34220921 not loaded
comment #34220389 not loaded
comment #34220760 not loaded
comment #34220281 not loaded
comment #34220401 not loaded
comment #34220870 not loaded
comment #34220616 not loaded
comment #34220496 not loaded
comment #34220514 not loaded
tkuraku, over 2 years ago

I think for the average person the built-in password manager in Firefox/Chrome/Safari is probably the lowest barrier to entry.

comment #34221778 not loaded
comment #34222209 not loaded
filleokus, over 2 years ago

I don't know what primitives or parameters Apple's iCloud Keychain is using.

But I do know that it has made all of the non-techies in my family use a password manager. They just use the suggested password generated by Apple when signing up on random sites as well.

(But it only works on Apple's devices and browsers, obviously.)

comment #34220595 not loaded
comment #34220856 not loaded
comment #34221967 not loaded
benced, over 2 years ago

This person has been recommending LastPass for years and now cares about the cryptographic specifics of far more trustworthy companies?

comment #34220851 not loaded
ajorgensen, over 2 years ago

Bitwarden has worked really well for me and my wife to share passwords to common services (daycare, shared email, etc.) and it has been well worth the money. I've used 1Password and LastPass in the past, but Bitwarden has been the best experience I've had thus far.

comment #34221523 not loaded
arielweisberg, over 2 years ago

I would settle for a password manager that can do basic password management.

Secure, UI that loads quickly without bugs, autofill that works.

Tried switching to 1Password and it duplicates every single password I imported from LastPass. Confirmed no duplicates exist in the CSV being imported.

Support is like talking to a chat bot. They don't seem to understand that the issue I am reporting is the duplication and keep proposing solutions to alternate problems other than the one I have.

comment #34222386 not loaded
comment #34221722 not loaded
comment #34222557 not loaded
NoThisIsMe, over 2 years ago

> There is also a command-line interface, weighing 80MB, also in TypeScript, also in Electron. Amazing.

Can anyone verify the CLI depends on Electron? I took a quick look at the source and from what I can tell it does *not*, but I've never worked with Electron so I don't really know what to look for.
chrismorgan, over 2 years ago

> Argon2id, but without specifying the parameters, not why they chose this particular variant over another variant like Argon2d.

On this specific point: the use of Argon2id over Argon2d doesn't need justification. Per https://www.rfc-editor.org/rfc/rfc9106.html#section-4, the first and second recommended options are Argon2id, and Argon2id is the recommended type basically unless you have a very good reason to choose a different type. (And as a fairly informed layman in cryptography, it's very obvious to me that Argon2id is the correct choice for this sort of password safe.)
huhtenberg, over 2 years ago

Is there any guidance for the number of PBKDF rounds depending on the length of the password?

In particular I'm curious to what degree the round count can be reduced if I use a long passphrase (say, 200+ characters long) instead of a password.
7402, over 2 years ago

I'm happy with Enpass (https://www.enpass.io) from the usability standpoint. The OP didn't mention it as a candidate. Not able to judge the cryptographic effectiveness, but this is what their website says:

"encrypted with 256-bit AES with 100,000 rounds of PBKDF2-HMAC-SHA512 using the open-source encryption engine SQLCipher."

They don't supply cloud storage - you pick your own, e.g., iCloud, Dropbox, Google Drive, OneDrive, WebDAV. I use a local WebDAV server, myself.
sebk, over 2 years ago

I'm not sure that the crypto used is the weakest link, but even then, I would very much like to see a user-configurable memory-hard KDF, authenticated AES, and FIDO2 hmac-secret support. All of which should be relatively table stakes for a product like this.

The *option* of self-syncing or self-hosting seems important as well, so users can decide to trade off having a team of engineers keeping the server secure and up to date against being a less interesting target to compromise.

In terms of client-side compromise, I'm significantly more worried about OS/browser compromises, malicious app updates, or, for those cases where there's no OS-mediated autofill API, clipboard sniffing.

In the end, I think password managers will always have issues and will have to settle for "good enough", or better than memorizing passwords. They're too big of a target for attacks and their surface area is too big, too. Password managers do more than storing login credentials, but for that key use case, adoption of passwordless WebAuthn can't come soon enough.
tennisflyi, over 2 years ago

Am I using 1Password wrong? Any time I need a password I click on it in the toolbar on macOS, type in my master password, and then just search for the needed password. I'm sure there are other ways that are seamless, but I don't see the strife/friction that most people seem to have to get others to overcome when trying to get them to use a password manager.

comment #34227456 not loaded
anshumankmr, over 2 years ago

> Dash is the only one using Argon2d, the winner of the Password Hashing Competition held in 2015.

> Unfortunately, their choice of parameters is on the low side:

> We use Argon2d, by default, with the following parameters: iterations = 3, memory = 32Mo, parallelization = 2 We also support PBKDF2-SHA2 with 200,000 iterations. Then, the data is (en|de)crypted using AES CBC-HMAC mode.

> AES CBC-HMAC isn't a thing, what they're doing is AES-256-CBC then HMAC-SHA256 (and not CBC-MAC), which is perfectly acceptable, albeit using the same key for AES and HMAC feels shaky: an authenticated mode should be used like AES-GCM, or another key derivation to produce two subkeys, instead of using the same key for two different purposes.

> The intern who wrote their whitepaper had a confused understanding of how https works: OCSP doesn't replace trust stores, key exchanges are more complex than "the client encrypts a random number with the server's public key and sends it to the server, the server decrypts this number, and both sides use this number to generate a symmetric key, used to encrypt and decrypt data.", …

> Worryingly, their "benchmark of attempts to decrypt AES files" is done on a "4 cores Xeon 1.87GHz", which doesn't make sense: cracking a password doesn't mean going through the whole keyspace of alphanumeric characters of a fixed length, and nobody uses CPU to crack passwords, let alone a 4 cores one. I would expect a firm in the business of protecting passwords to be up to date with the current state of the art of password cracking.

> They have a bug bounty with payouts up to USD 5,000 and no public reports. The gpg key that should be used to contact them is an RSA one of 1024 bits (worryingly small in 2023), and belongs to someone called "anish".

This is super concerning to me as a Dashlane consumer, so what are my options? It took me months to get my parents to figure out how to use it, and if I need to shift, it's gonna be even more difficult.

comment #34357656 not loaded
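The quoted objection above about the Dashlane whitepaper (one key shared between AES-CBC and HMAC-SHA256) is the one point in that list a practitioner can act on directly: derive two independent subkeys from the single key the password KDF produces, and verify the MAC before decrypting. What follows is an added example written for this thread, not code from Dashlane, from the article or from any commenter. The names `split_keys`, `seal`, `unseal` and the `vault-encryption`/`vault-mac` info labels are invented for illustration. AES is not in the Python standard library, so the cipher is a stand-in HMAC-SHA256 keystream in counter mode; in production substitute AES-GCM or another library AEAD. The HKDF functions follow RFC 5869 (its Appendix A.1 test vector reproduces with them).

```python
import hashlib
import hmac
import os
import struct

HASH = hashlib.sha256
HASH_LEN = 32


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: T(i) = HMAC(PRK, T(i-1) || info || i), concatenated."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def split_keys(master_key: bytes) -> tuple:
    """Derive independent encryption and MAC subkeys from the one key the
    password KDF produced, instead of reusing that key for both AES and HMAC.
    The info labels are hypothetical; any two distinct, fixed strings work."""
    prk = hkdf_extract(bytes(HASH_LEN), master_key)  # no salt -> HashLen zero bytes
    return hkdf_expand(prk, b"vault-encryption", 32), hkdf_expand(prk, b"vault-mac", 32)


def keystream_xor(enc_key: bytes, iv: bytes, data: bytes) -> bytes:
    """Stand-in for AES (not in the standard library): HMAC-SHA256 driven in
    counter mode as a PRF stream cipher. The same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), HASH_LEN):
        ks = hmac.new(enc_key, iv + struct.pack(">I", i // HASH_LEN), HASH).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + HASH_LEN], ks))
    return bytes(out)


def seal(master_key: bytes, plaintext: bytes, iv: bytes = None) -> bytes:
    """Encrypt-then-MAC: the tag covers IV and ciphertext under the MAC subkey."""
    enc_key, mac_key = split_keys(master_key)
    iv = os.urandom(16) if iv is None else iv
    ct = keystream_xor(enc_key, iv, plaintext)
    tag = hmac.new(mac_key, iv + ct, HASH).digest()
    return iv + ct + tag


def unseal(master_key: bytes, blob: bytes):
    """Verify the tag in constant time before touching the ciphertext;
    return None on any failure rather than partially decrypted data."""
    if len(blob) < 16 + HASH_LEN:
        return None
    enc_key, mac_key = split_keys(master_key)
    iv, ct, tag = blob[:16], blob[16:-HASH_LEN], blob[-HASH_LEN:]
    expected = hmac.new(mac_key, iv + ct, HASH).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return keystream_xor(enc_key, iv, ct)


if __name__ == "__main__":
    master = os.urandom(32)  # in a real vault this is the password KDF's output
    enc_key, mac_key = split_keys(master)
    print("subkeys differ:", enc_key != mac_key)
    blob = seal(master, b"example.com / alice / hunter2")  # constructed sample entry
    print("round trip:", unseal(master, blob))
    flipped = bytearray(blob)
    flipped[20] ^= 0x01  # tamper with one ciphertext byte
    print("tampered blob rejected:", unseal(master, bytes(flipped)) is None)
```

The order inside `unseal` is the part that matters: the tag is checked with `hmac.compare_digest` and the function returns before any ciphertext is processed, which is what makes the CBC-then-HMAC shape the quoted text describes acceptable, and the separate MAC subkey is what removes the same-key-for-two-purposes objection.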
hcks, over 2 years ago

Yeah, let's pretend that browsers' built-in password managers don't exist and can't be used because they are mere "side hustles" (and password management is a very serious business that requires dedicated companies and not at all something a team at Google or Microsoft can solve).

comment #34223863 not loaded
evolve2k, over 2 years ago

> To my disappointment (and mild horror), almost all password managers are using PBKDF2, which is known to be completely suboptimal to store passwords, and has been for the last 15 years, but it's apparently the only one without abysmal performance in Javascript.

Anyone have a better idea?

comment #34221365 not loaded
comment #34220345 not loaded
comment #34220899 not loaded
comment #34220679 not loaded
dhruval, over 2 years ago

Spent years convincing my dad to switch over to LastPass Families.

After the recent hack, I tried to get him to switch to KeePassXC, but that is proving to be too steep a hill to climb.

What is the best alternative to LastPass Families? I don't mind paying for a subscription etc.

comment #34220961 not loaded
comment #34222352 not loaded
SV_BubbleTime, over 2 years ago

Can someone explain to me why the number of PBKDF rounds actually matters?

When they are saying 100,000 rounds, they mean 100,000 rounds WITH the key, right?

If you wanted to brute force this password, and there are no vulnerabilities in the hashing algo, then you need to try aaaa with 100,000 runs, and aaab with another 100,000 runs, right? So if you use a long random key, it wouldn't matter if it was 1 cycle or 1 billion effectively, right?

Or am I missing something? I'm assuming there is a hash table exploit for PBKDF2 and that the number of rounds really does matter?
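The two questions about PBKDF2 round counts in this thread (huhtenberg's, about trading iterations against passphrase length, and SV_BubbleTime's, about why the count matters at all) reduce to one piece of arithmetic: a guessing attacker pays the full iteration cost for every candidate, so total work is guesses × iterations, and the iteration count adds log2(iterations) bits on top of the password's own entropy. The salt is what defeats precomputed tables, not the round count. The following is an added example for this thread, not code from any password manager or commenter; it uses the standard library's `hashlib.pbkdf2_hmac`, and the word list, salts and entropy figures are constructed for illustration. The helper names (`crack`, `work_bits`, `iterations_for_equal_work`) are invented here.

```python
import hashlib
import math
import os
import time


def derive_key(password: str, salt: bytes, iterations: int, dklen: int = 32) -> bytes:
    """PBKDF2-HMAC-SHA256 from the standard library. Each iteration is one HMAC
    over the previous iteration's output, so cost grows linearly with
    `iterations`; the legitimate user pays it once per unlock."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen)


def crack(target: bytes, salt: bytes, iterations: int, candidates) -> tuple:
    """Dictionary attack against a stored PBKDF2 output. The attacker has no
    shortcut: every candidate costs the full `iterations` HMAC calls, which is
    the whole point of the parameter. Returns (password or None, derivations done)."""
    tried = 0
    for cand in candidates:
        tried += 1
        if derive_key(cand, salt, iterations) == target:
            return cand, tried
    return None, tried


def work_bits(password_entropy_bits: float, iterations: int) -> float:
    """Expected attacker work, in bits, to exhaust the password space:
    2**entropy guesses, each costing `iterations` HMACs."""
    return password_entropy_bits + math.log2(iterations)


def iterations_for_equal_work(entropy_a: float, iterations_a: int, entropy_b: float) -> int:
    """Given password A protected with `iterations_a`, how few iterations does a
    stronger password B (entropy_b bits) need to impose the same total work?
    Floors at 1: a long passphrase makes the count nearly irrelevant, but only
    if the entropy estimate is honest (random words, not a favourite sentence)."""
    needed = 2 ** (work_bits(entropy_a, iterations_a) - entropy_b)
    return max(1, math.ceil(needed))


if __name__ == "__main__":
    salt = os.urandom(16)  # per-vault random salt: defeats precomputed (rainbow) tables
    wordlist = ["aaaa", "aaab", "hunter2", "password"]  # constructed dictionary
    stored = derive_key("hunter2", salt, 1_000)
    print("cracked:", crack(stored, salt, 1_000, wordlist))
    for iters in (100_000, 600_000):
        t0 = time.perf_counter()
        derive_key("correct horse battery staple", salt, iters)
        print(f"{iters:>7} iterations: {time.perf_counter() - t0:.3f}s per guess on this CPU")
    print("40-bit password at 100k iterations:", round(work_bits(40, 100_000), 1), "bits of work")
    print("iterations giving a 60-bit passphrase the same work:", iterations_for_equal_work(40, 100_000, 60))
```

The timing printed is the defender's cost for one unlock on one CPU core; an attacker on GPUs pays far less per guess, but still linearly in the iteration count, which is why raising it (the 600,000 figure that appears later in the thread) buys a measurable number of bits without changing the password. Lowering it for a long passphrase is only safe to the extent that the passphrase's entropy is really there.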
jmclnx, over 2 years ago

I can barely read the article, text is light gray on white with Firefox on OpenBSD. Seems interesting, but could not get through it using Firefox.

So off to lynx; there it rendered fine, so reading it now.
floren, over 2 years ago

I've been using KeePassXC on desktop and KeePassDX on Android, synchronized via Syncthing, and it's good, but the thing that makes me squeamish about *all* password managers is that you're just one software update away from malicious code which uploads all your passwords next time you unlock.

comment #34220656 not loaded
comment #34220811 not loaded
comment #34221375 not loaded
oogabooga13, over 2 years ago

macOS/iOS (user) after completing the recent update cycle on all devices: "Passwords" now supports 2FA using Touch ID.

I've been using Bitwarden for years, but integrated 2FA support from Apple has moved me over. I really despised having to switch between apps (I don't use SMS 2FA when I can avoid it).
wesapien, over 2 years ago

My boomer parents have been able to keep up with Bitwarden. We installed it on their Windows laptop and smartphones. I still have to get them on OTP, something like Authy, to get them off mobile 2FA when possible.
s09dfhks, over 2 years ago

I'm seconding Bitwarden. I got my tech-illiterate partner set up with it no problem. We have a shared vault for things like utility website logins / shared credit cards etc. etc.
loginatnine, over 2 years ago

FWIW, I've bumped the KDF iteration count to 600000 in Bitwarden and I haven't seen any noticeable difference logging in from my M1 Pro and my iPhone 13 Pro.
jacooper, over 2 years ago

BRB, increasing Bitwarden vault iterations.
papito, over 2 years ago

If you have Dropbox, a password manager is part of the value. I migrated from Dashlane and it's been fine.
esskay, over 2 years ago

TL;DR there isn't one. They're all built and designed by developers. From an 'average joe' perspective, not a single one of them is easy to use.

comment #34221075 not loaded
comment #34222532 not loaded
comment #34220968 not loaded