On 06/16/2015 05:53 PM, John R. Levine wrote:
> Are there any password managers that let the user specify where to
> store a remote copy of the passwords (FTP server, scp, Dropbox,
> whatever) while keeping the crypto and the master password on the end
> devices?
KeePass 2 claims to have synchronization built in (http://keepass.info/help/v2/sync.html). Requires Mono on non-Windows platforms, so I haven't tried it. Other password managers require you to use a sync tool (git/dropbox/...) externally:

Multiplatform software password managers (may not have mobile versions):

1) KeepassX (https://www.keepassx.org/) + git/dropbox

KeepassX is probably one of the best multiplatform managers. But you have to add the synchronization feature manually, either through dropbox or git. Only one file needs to be synchronized (or one file per password database, if you have more DBs). I'd prefer git as synchronization because it gives you history, you can choose your own server(s) and it has conflict resolution abilities in case there is a conflict. With git you can sign tags over the commits to know no one else modified them. Dropbox would be for simpler developments ("works out of the box").

Weaknesses:
a) Someone mentioned this for KeePass - https://news.ycombinator.com/item?id=9727297 - I'd guess it would apply for KeepassX as well
b) since it's a software password manager, malware on the local machine can siphon off all passwords once unlocked

2) Password store (http://www.passwordstore.org/) - see my previous mail

Multiplatform hardware password managers (just desktop versions):

3) TrezorPass - (https://github.com/hiviah/TrezorPass) + git/dropbox

Disclaimer: I wrote this. In theory the design should be safer than pure-software password managers :-) But in practice it would need an audit. And it's very alpha software, more like a proof-of-concept.

How it works: you need a Trezor token (http://www.bitcointrezor.com/). Trezor will act like a hardware token for encrypting and decrypting passwords. The encrypted passwords stay on local disk, not on Trezor (not enough space there). All encrypted passwords can be protected by PIN and/or passphrase. The PIN can never be sniffed by malware because Trezor displays a permuted PIN pad.
Each time you need to decrypt a password, you request it from the TrezorPass GUI, then acknowledge by physically pressing a button on Trezor, which will show you exactly which password you are going to decrypt. So malware can only sniff those passwords that you actually use on the infected machine, but not all of them (there is no way to protect against sniffing the computer's memory).

There's also a second RSA key encrypted in the storage to which every password is encrypted. It's used as an "export all" key and you should use this function only on a malware-less computer for backup purposes. Also of course it requires physical confirmation on Trezor.

Weaknesses:
a) uses AES-CBC instead of AEAD modes, but all of the encrypted passwords are HMAC-ed in Encrypt-then-MAC order
b) timing side channels, but you need physical possession of the Trezor, knowledge of the PIN and passphrase (having those, you don't actually need the timing channels)

Read more in the crypto quirks section of https://github.com/hiviah/TrezorPass/blob/master/README.md

Synchronization: as before, either via git or dropbox

4) USB Armory (http://inversepath.com/usbarmory) - no password manager exists yet

This is just a platform that would be very suitable for a hardware password manager that keeps the encrypted passwords on the device itself. Shame it doesn't have a small display.

Ondrej