Why do people assume that password protection programs are safe?

From time to time, a thread will pop up about the best strategy for online passwords. Invariably, the discussion will devolve into the xkcd comic approach versus random characters. Also, password protection programs such as KeePass will be mentioned for those who don’t wish to use the same password on each site.

Why is it (or is it?) assumed that password programs are safe? Wouldn’t it be trivially easy for the creator of such a program to insert malicious code that would upload the user’s password file whenever they wanted it? When someone wants to put a program on a site like Download.com, is the source code reviewed and re-compiled or are only the executables uploaded?

Well, many such things are Open Source which means, not at all theoretically, that anyone who reads the code can see it has been tampered with (those who don’t, such as I, trust those who do); on a version-control site such as Git they could also work out when it was tampered with. With proprietary stuff one just trusts the maker.
And should one download from a site which has inserted bad stuff, the lesson is to download from good sites.
I don’t use password managers.

Not everyone assumes everything downloadable is safe.
I think your subject is a bit short-sighted.
A better question would be: Why do some people trust everything and click on anything?
Links for anything, like a free wallpaper, can load malware that can do all sorts of mischief.

  1. Open source password managers can be downloaded, the code inspected, and built by your own compiler on your own computer if you’re paranoid. Or you can rely on the fact that surely enough people are doing this to keep the projects on their toes.

  2. Your question is kind of beside the point: the real question should be, “is this password manager more secure than not using it?” To answer that, you need to ask yourself, “am I the type of person who, without using a password manager application, will pick strong, unique passwords for every website I visit?”

It doesn’t have to be perfect to be worthwhile, just better than the alternatives.

If I can come up with a secure password for the password manager, I can come up with secure passwords, so I don’t need the password manager. The only reason I’ve ever seen for a password safe is while working on a group that had about 20 people in it and everybody had to have access to them, without resorting to a sea of post-it notes on all the monitors.

That’s also true of the manufacturer of your computer, operating system, drivers, browser, keyboard, phone, and probably others. To a lesser degree you’re also trusting the operators of the web sites you’re logging into, the manufacturers of their servers, their data centre, and so on.

A password manager is one of several tools that let you reduce the number of parties you have to trust in order for things to remain secure. Obviously if you don’t think they’re trustworthy then you shouldn’t use it. But make sure you pay the same attention to everything else listed above.

Can you remember a unique and unrelated secure password for each and every site you use?

One can use a password generator to create strong passwords. I’m looking to 24 characters by now (although some time ago, amusingly, Microsoft at least accepted very long passwords but truncated them to only the first x number of characters for some sites. So people had the false confidence of using 20 characters, but only the first [say] 8 mattered…).
Then one can rely on Firefox storing them, which I suppose is a minimal password manager.
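The truncation problem described in the post above, as an added example that is not from the thread or from any real vendor: a toy credential store that hashes only the first 8 characters of a password beside one that hashes the whole thing. The store class, user name and sample password are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

ITERATIONS = 100_000  # PBKDF2 work factor; illustrative, not a recommendation


def _hash(password: str, salt: bytes, truncate_to: Optional[int]) -> bytes:
    """PBKDF2-HMAC-SHA256 of the password, optionally truncated first (the bug)."""
    material = password if truncate_to is None else password[:truncate_to]
    return hashlib.pbkdf2_hmac("sha256", material.encode("utf-8"), salt, ITERATIONS)


class PasswordStore:
    """Constructed credential store; truncate_to=None is the correct configuration."""

    def __init__(self, truncate_to: Optional[int] = None) -> None:
        self.truncate_to = truncate_to
        self._records: Dict[str, Tuple[bytes, bytes]] = {}  # user -> (salt, hash)

    def register(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self._records[user] = (salt, _hash(password, salt, self.truncate_to))

    def verify(self, user: str, candidate: str) -> bool:
        if user not in self._records:
            return False
        salt, stored = self._records[user]
        # Constant-time comparison so timing does not leak how many bytes matched.
        return hmac.compare_digest(stored, _hash(candidate, salt, self.truncate_to))


def demo() -> Dict[str, bool]:
    """Show that a truncating store accepts any password sharing the first 8 chars."""
    password = "Tr0ub4dor&3-plus-twelve"        # constructed, 23 characters
    same_prefix = password[:8] + "XXXXXXXXXXXXXXX"  # identical only up to char 8
    legacy = PasswordStore(truncate_to=8)  # the "only the first 8 mattered" behaviour
    fixed = PasswordStore()                # hashes the full password
    for store in (legacy, fixed):
        store.register("alice", password)
    return {
        "legacy_accepts_wrong": legacy.verify("alice", same_prefix),
        "fixed_accepts_wrong": fixed.verify("alice", same_prefix),
        "fixed_accepts_right": fixed.verify("alice", password),
    }


if __name__ == "__main__":
    print(demo())
```

The legacy store reports the wrong 23-character candidate as valid, which is why a long password gives no extra strength if the service silently truncates it before hashing.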

One can export them as a txt file should the computer croak.

Make sure you set a good master password if you do this please. Otherwise they’re stored in plain text.

So far, yep.

Geez, you’re better at this than I am. I have around 100 websites with different login/password requirements (maybe a third of those for work purposes) and I gave up and got LastPass, which saves my sanity. Especially when certain of them have frequent change and obscure password rules to follow.

While you’re at it, make sure you trust Ken Thompson, too, because even if you trust the companies you’re doing business with, and the programmers who work for them, and the programmers who wrote the compilers those programmers are using, those compilers were still compiled with some compiler, and so on.

Well then you’re Superman of passwords.

The rest of us need the password manager, or similar tool. :slight_smile:

Linky (worth reading!).

I’d say it’s even more important that you trust the operators of the web sites. It doesn’t matter how good your password is if the web site gets hacked and CC#s are leaked to the internet.

To the OP, check out: Choosing Secure Passwords - Schneier on Security

A key quote: "I’m recommending Password Safe for Windows because I wrote the first version, know the person currently in charge of the code, and trust its security. There are ports of Password Safe to other OSs, but I had nothing to do with those."

So if you trust Bruce, here’s a recommendation.