Not sure if this is will be a paid services in the future but if you download it now till October 1, 2012 and you can enjoy it FREE of charge forever. No strings attached.
Norton Identity Safe FREE for Now $0
80
Related Stores
closed Comments
I'm currently using Roboform..worth switching?
KeePass + Dropbox all the way. 100% free and I control my data.
Downside to KeePass: no lockout for multiple incorrect password attempts. So it can be brute forced.
I use KeePass, by the way. But it is worth knowing it's weaknesses.
Problem with key files is that if they've got access to your keepass db then they've probably got access to your keyfile.
A key file can be used instead of a password, or in addition to a password
That's one of the first lines on the Key Files link above.
There's few things I'd stake my life on but the security behind KeePass is one of them.
P.S. I use KeePass too and I'm still finding features.
Yes, and it in no way addresses the no-lockout brute force issue, which I assumed was what we were discussing since you replied to me.
Brute force a passphrase? How long would that take?
My passphrase has 24 characters. Each character has 95 easily typeable choices (26*2 letters, 10 numbers, 32 keyboard symbols & 1 space). Total unique combo = 95^24 = 2.9 * 10^47 choices.
Set dictionary attack protection to 0.01 second per round. Say you are lucky and only need to go through 1/100 of key space to crack it.
Time required to crack = 2.9 * 10^47 rounds * 0.01 second/round * 1/100 (lucky) = 2.9 * 10^43 seconds = 9.2 * 10^35 years.
Theoretical half life of proton (lower limit) is between 10^33 and 10^35 years. So your PC will decay into radiation before it could brute force my passphrase.
Once again. Not saying this makes it bad. Not saying this is the same as not working at all. Not saying you can't take precautions to minimise the weakness. But it is a weakness AND PEOPLE SHOULD BE AWARE OF IT.
Hopefully people have read this and are now aware of it.
I am sorry tantryl, but there is no classical encryption system that has not got such a weakness. Even if there is a lockout mechanism in an encryption system, eventually the lock will clear and you can continue the brute force. Even though I have just demonstrated to you that no real computer (or teams of computers) can complete the calculation (on a well choosen passphrase), ultimately brute force will finish and crack the passphrase.
I suppose nothing less than quantum encryption will satisfy you.
Yes - no system has no weaknesses. Yes - you can make choices that massively reduce the impact of the weakness. No - I don't think that means we shouldn't mention it to people and they shouldn't be told about it so they too can take precautions. I honestly don't know why you two have a problem with informing people, with encouraging more complex passwords.
I thought we were writing these comments to informing people and not to earn OzBargain points. The difference is Forgot69 and I took account of the unfeasibility of brute force versus your view of there is always a weakness. We think that telling people that there is a weakness when it is unfeasible to exploit is overly alarmist.
Brute force is unfeasible because no real classical computers will ever complete the computation before they break (due to baryonic delay), and you would exhaust the supply of electricity (the thermodynamic Landauer limit). End result: your data are safe.
Theoretically, any deterministic encryption system (using pseudo random number generators) built on a Turing machine will always have a weakness: the final encryption key can be brute forced in exponential time O(2^n) (in the case of AES-256 there are 2^256 = 10^77 rounds). In your offline scenario, it is easy to modify the Keepass source code to remove any lockout mechanism the developers might have implemented.
If you are worried by this "weakness" against brute force, then there is a solution. It is called a one-time pad. You will love it, tantryl, theoretically and practically unbreakable (Shannon secure), and you can make one in O(n) linear time using only pen, paper, and a set of dice or a set of Scrabble tiles. For the sake of completeness, a one-time pad is impossible to make on a deterministic Turing machine, i.e. on all classical computers, without a hardware random number generator. And of course you should not re-use a one-time pad, or have it stolen.
Many great minds have studied the topics of computational complexity, cryptography, pseudo and true randomness, information theory, numbers theory, theoretical computing, etc. Please do not dismiss their works by saying "no system has no weaknesses". People should be aware that there is a weakness, but also that it is physically impossible to exploit using classical computers. When a quantum computer is finally built, then the situation will change. But then there are quantum encryption algorithms.
I'm sorry, what? You're accusing ME of looking for OzBargain points? You guys have been aggressive right off the bat, and pretty much ignored anything that didn't fit your little fantasy hypotheticals.
You seriously think every single person who sees "I like KeePass" on OzBargain will automatically use a key file and a complex password on it?
tantryl, if you perceived that I am aggressive towards you, then I apologise. However, having re-read my comments, I failed to see how I might have offended you.
I thought the topic at hand was whether a time lock in Keepass is necessary to guard against brute force attacks, but you seemed to have changed topic midway. I am astonished by the ease with which you dismissed over 100 years of scientific research as "fantasy hypotheticals".
If you want to discuss attacks on Keepass, then you should have mentioned the Trojan Horse attack. In your scenario, you must have physical access to the target PC to copy the keyfile and the database. So while you are copying them, you might as well install a modified copy of Keepass to "report home" whatever the user does. This is an infinitely more effective method than brute force to attack a software encryption system, and this is the most common way of getting hold of your Internet banking passwords, AKA phishing with Trojan sites and/or installing keyloggers.
To prevent a Trojan Horse attack, Keepass needs a way to authenticate its binary code with a trusted certification authority. Perhaps you can suggest this modification to its developers. In the meantime, you should run a SHA-1 message digest on its binary and compare with its known value before you use Keepass. Note that both CRC-32 and MD-5 have been cracked and cannot be trusted for authentication purposes. A good anti-virus and malware program is essential too and the Norton 360 rebate is a good deal.
Yes, fantasy hypothetical. It's pure fantasy that all people know about and use a key file and a complex password and therefore there isn't a brute force problem.
Because precautions beyond the default settings can be taken to reduce a weakness does not mean there is no weakness.
And saying you weren't being aggressive after your previous point starts off with a snide comment about winning points, the point which I was addressing, is so disingenuous it's beyond belief.
I do, however, appreciate you finally getting on board with the idea of informing people about possible issues instead of saying they don't really exist.
Can you explain how putting in a lockout in Keepass helps to alleviate brute force attacks? This is what you were talking about, isn't it?
I do not understand how it would help because I could very easily use an old or a modified version of Keepass to brute force without any hindrance from a time lock.
Interesting argument. At least tantryl's post and Forgot69's response was worthwhile in drawing attention to the encryption rounds setting - hardly ever look in Files > Database Settings and it's probably been five years since I last changed it.
alvian - wait, you think this is a feedback forum for KeePass?
I'm not making program change suggestions to the creators.
Jabba the Hutt: My question to tantryl "Can you explain how putting in a lockout in Keepass helps to alleviate brute force attacks" is not an argument but a genuine question. I know now that I have a lot to learn from tantryl. I really do not understand or comprehend how a lockout would help, and I hope tantryl would be willing to teach me.
tantryl: I am willing to ask the Keepass developers on your behalf to implement a time lock and I even have a draft source code ready. However, I cannot possibly ask them to modify Keepass without understanding for myself how a lockout would help. What do I say to the developers when they ask me "how does your time lock help when we could use an old version to bypass it"? I am at a complete loss and I do not know how to answer.
We have been waiting since Thursday for your answer, hoping that you would share your considerable knowledge and experience in this subject. Please do not disappoint us.
No no, I think you'll find I'll get the last word.
So you're saying the problem can't be fixed on existing databases with a minor update, and this is proof that there isn't a problem? You still seem to be confused as to the purpose of my posts.
I have accepted that there is a problem, and according to you the fix is to implement a time lock. However, you are still avoiding the question
- how does a time lock help when we could use an old version (if data compatibility is kept) or a cracked version (if data compatibility is not kept) to bypass it?
Or alternatively,
- how do you stop nasty people from bypassing your time lock, whether implemented in the executable section or the data section?
I have never said that it cannot be fixed with a minor update to an existing database, you said it. Please do not put words into my mouth. I am saying that I am not smart enough to understand what you are purposing to do (other than the rudimentary "fix the problem"), or indeed how to do it securely (other than the nonsensical "put the solution into the database with a minor update").
Yes, I am confused as to the purpose of your posts and trolling seems like an apt description at this stage. You have made it clear to OzBargain that the last word is so important to you that you will write anything to get it.
So you took three days to reply to repeat yourself because you can't understand me… and I'm trolling.
—- What do I say to the developers when they ask me "how does your time lock help when we could use an old version to bypass it"? —-
You say "Oh, you're right, there's an innate problem with the database design, the problem can't easily be resolved.
EDIT Note: I'm taking you at your word that the db can't be modified to prevent previous versions of the program from being used to avoid having a tried/time lockout.
WOW 'tantryl', just WOW! Way to totally miss any point and ignore all of the information given to you.
To generate the final 256-bit key that is used for the block cipher, KeePass first hashes the user's password using SHA-256, encrypts the result N times using the Advanced Encryption Standard (AES) algorithm (called key transformation rounds from on now), and then hashes it again using SHA-256. For AES, a random 256-bit key is used, which is stored in the database file. As the AES transformations aren't pre-computable (key is random), an attacker has to perform all the encryptions, too, otherwise he cannot try and see if the current key is correct.
An attacker now needs much more time to try a key. If he can only try a few keys per second, a dictionary attack is not practical anymore. N is a work factor, only indirectly a time factor. A super computer can try a key a lot faster than a standard PC, but anyway testing one key with N transformation rounds will take N times longer than trying a key with no transformation rounds on the super computer.This info is taken from the Dictionary Attacks Protection link above. As 'alvian' has carefully detailed to you, even if an attack was able to use 0.01 second per round you'd "technically" still be screwed. You're a few billion times more likely to get struck by lightning. So, do you tell everyone you meet that they might get struck by lightning if they go fro a stroll outside as that makes about as much sense as all of your posts?
Another vote for KeePass here. Comes down to whether you think you are in the best position to manage your data, or whether you trust the cloud to do a better job.
not found in the Australian App Store. Seems to be for US accounts only.
How does the PC version compare to LastPass? Haven't tried a lot but happy with LastPass at the moment.
Last Pass is really good
I've been using this userid/password management tool for a few years (an an inclusion in Norton Internet Security) and it works well, saving a lot of time and inconvenience logging into a raft of protected sites. Highly recommend as a freebie..