Password managers are an essential part of the security toolkit for both consumers and businesses. They let you use a random, strong password for every online account, so that a breach at one site (or a site that stored its passwords with weak hashing) does not hand an attacker the password you use everywhere else. Increasingly, they also support features like automated logins, storing 2FA TOTP secrets (a bad idea, unfortunately: the second factor then lives in the same vault as the first) and, importantly, syncing your passwords across devices.
Storing your passwords in a vault is not a new concept; software like KeePass has been around for two decades. Syncing those passwords between devices is newer, and it is the crucial factor that has made the current crop of cloud-based password managers viable. Would you use a password manager that required you to manually copy each password to your other devices every time it was updated?
But if you’re syncing between devices using a cloud password provider, does that mean your passwords are visible to your cloud provider?
Your provider cannot read your passwords
No one wants the responsibility of keeping everyone's passwords safe, and the simple answer is that your cloud provider cannot read your synced passwords. That may seem obvious (it would be a terrible idea for a cloud service to receive your passwords in plain text), but it is surprisingly difficult to get right. It works by encrypting your passwords locally, on your device, before anything is sent, so the provider only ever receives ciphertext. The encryption key is derived from your master password by a deliberately slow key derivation function such as PBKDF2 or Argon2, so even your provider cannot decrypt your data without your master password in plain text, and an attacker who steals the encrypted vault has to pay the full cost of that derivation for every guess.
The weak point, then, is the client: the apps and software you run locally hold the master password and the decrypted vault, so they must be trustworthy. That is why it is common practice for top providers to have their apps regularly audited by trusted security firms, or to open-source the code so anyone can inspect it. When you log in on a new device, the encrypted vault is downloaded to that device and decrypted there with a key derived from your master password.
This is known as zero-knowledge architecture: the provider stores and transmits the data but has no ability to read it. (The term is marketing shorthand that describes who can read the data, not a particular cryptographic protocol.)
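The flow above, as an added example rather than any provider's code: the client derives a key from the master password with PBKDF2, seals the vault locally, and uploads only a salt and ciphertext; a second device repeats the derivation and decrypts. The vault contents, the iteration count and the encrypt-then-MAC construction built from HMAC-SHA256 (standing in for an AEAD such as AES-GCM, which the standard library lacks) are all assumptions for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: a PBKDF2 cost kept low so the example runs quickly; production clients
# use a far higher iteration count (OWASP suggests 600,000 for PBKDF2-HMAC-SHA256) or Argon2.
KDF_ITERATIONS = 100_000

# Constructed sample vault, not real credentials.
SAMPLE_VAULT = {"example.com": {"user": "alice", "password": "correct horse battery staple"}}


def derive_vault_key(master_password: str, salt: bytes) -> bytes:
    """Slow KDF from the master password to a 32-byte encryption key. Only the salt is
    ever sent to the provider; the master password and the key never leave the device."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, KDF_ITERATIONS, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a stand-in PRF keystream (a real client uses an AEAD).
    blocks = [
        hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range((length + 31) // 32)
    ]
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with subkeys split from `key`: nonce || ciphertext || tag."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key (or tampering) fails closed."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong master password or tampered vault")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


def client_upload(master_password: str, vault: dict) -> dict:
    """Everything the provider receives: a random salt and the sealed vault. No password, no key."""
    salt = secrets.token_bytes(16)
    key = derive_vault_key(master_password, salt)
    return {"salt": salt, "blob": seal(key, json.dumps(vault).encode())}


def new_device_download(master_password: str, provider_record: dict) -> dict:
    """A new device needs only the provider's record plus the master password typed locally."""
    key = derive_vault_key(master_password, provider_record["salt"])
    return json.loads(open_sealed(key, provider_record["blob"]))


def demo() -> bool:
    """True if the sync round trip works and a wrong master password is rejected."""
    record = client_upload("a long master passphrase", SAMPLE_VAULT)
    if b"correct horse" in record["blob"]:  # the provider holds only ciphertext
        return False
    if new_device_download("a long master passphrase", record) != SAMPLE_VAULT:
        return False
    try:
        new_device_download("wrong passphrase", record)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("sync round trip ok:", demo())
```

Note that the provider's record never contains the master password or the derived key, and that a wrong password is detected by the MAC rather than by producing garbage; both properties are what "the provider cannot read your passwords" actually rests on.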
Password managers use a neat trick when you sign up
If you're following closely, you might spot a problem. When signing in on a new device, the user must authenticate with the service provider before the password vault is downloaded. Once authenticated, the app uses keys derived from the user's master password to decrypt the vault. So far, so good. But if the user authenticates with the provider using their master password, surely the provider must see that password to check it? And if it sees the password every time a user logs in from a new device, can't it decrypt the vault?
The trick happens at signup. With an ordinary web app, the client sends the plain-text password to the server (protected in transit only by HTTPS/TLS) and the server hashes it; most services hash on the server side because client-side hashing adds complexity, for example when you change your password. A password manager instead hashes the master password on the client (more precisely, it derives a value from it) and sends only that derived value. The provider never sees the master password, only the 'hashed' version, and that value is derived separately from the vault encryption key, so knowing one does not give you the other.
The client only ever transmits the hashed password
Hashing is a one-way function: it takes the original password and produces a fixed-size hash. The same password always produces the same hash, but it is computationally infeasible to recover the password from the hash. This is essential for any online service, because it lets a provider check a password at login without storing the password itself. The catch is that a fast hash such as SHA-256 can be guessed at billions of attempts per second, which is why password hashing uses deliberately slow, salted functions (bcrypt, scrypt, Argon2, PBKDF2).
With a password manager, this hashing happens on the client when you sign up, so the app never transmits your master password and the provider stores only the hash. When you log in from a new device, that device hashes the master password the same way (the salt and cost parameters are either derived from your account or fetched from the provider) and sends the result. The received hash should itself be treated as a secret: the provider hashes it again with its own salt before storing it, so that a leak of the provider's database does not hand out values that can simply be replayed as logins.
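The signup trick, as an added example (not any vendor's implementation): one slow derivation from the master password yields two independent values, an encryption key that stays on the device and an authentication hash that goes to the provider, and the provider re-hashes what it receives with a salt of its own. Salting the client-side KDF with the account email is one common choice and an assumption here, as are the iteration counts and the constructed account details.

```python
import hashlib
import hmac
import secrets

# Assumption: low PBKDF2 cost for a quick demo; real clients use far higher settings.
KDF_ITERATIONS = 100_000


def client_keys(master_password: str, email: str) -> tuple[bytes, bytes]:
    """Derive two independent values from one master password.

    enc_key   decrypts the vault and never leaves the device.
    auth_hash is sent to the provider at signup and on every login.
    Both come from a slow KDF (salted with the account email, one common choice) and are
    then separated with distinct HMAC labels, so neither can be computed from the other."""
    master_key = hashlib.pbkdf2_hmac(
        "sha256", master_password.encode(), email.lower().encode(), KDF_ITERATIONS, dklen=32
    )
    enc_key = hmac.new(master_key, b"vault encryption", hashlib.sha256).digest()
    auth_hash = hmac.new(master_key, b"authentication", hashlib.sha256).digest()
    return enc_key, auth_hash


class Provider:
    """Server side. Stores a salted re-hash of the client's auth hash, never the auth hash
    itself and never the master password, so a database leak yields nothing replayable."""

    SERVER_ITERATIONS = 10_000  # cheap second hash; the slow work already happened on the client

    def __init__(self) -> None:
        self._users: dict[str, tuple[bytes, bytes]] = {}

    def _rehash(self, auth_hash: bytes, server_salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", auth_hash, server_salt, self.SERVER_ITERATIONS)

    def signup(self, email: str, auth_hash: bytes) -> None:
        server_salt = secrets.token_bytes(16)
        self._users[email] = (server_salt, self._rehash(auth_hash, server_salt))

    def login(self, email: str, auth_hash: bytes) -> bool:
        if email not in self._users:
            return False
        server_salt, stored = self._users[email]
        return hmac.compare_digest(self._rehash(auth_hash, server_salt), stored)

    def stored_material(self, email: str) -> bytes:
        """What an attacker gets from the provider's database for this user."""
        return self._users[email][1]


def run_signup_and_login() -> dict:
    """Simulate signup on one device and login from a second one (constructed account)."""
    provider = Provider()
    email, password = "alice@example.com", "a long master passphrase"

    # Device 1: signup. Only auth_hash travels to the provider.
    enc_key_1, auth_hash_1 = client_keys(password, email)
    provider.signup(email, auth_hash_1)

    # Device 2: same password and derivation, hence the same auth_hash and the same enc_key.
    enc_key_2, auth_hash_2 = client_keys(password, email)
    _, wrong_auth_hash = client_keys("not the password", email)

    leaked = provider.stored_material(email)
    return {
        "login_ok": provider.login(email, auth_hash_2),
        "wrong_password_rejected": not provider.login(email, wrong_auth_hash),
        "same_enc_key_on_both_devices": enc_key_1 == enc_key_2,
        "auth_hash_is_not_enc_key": auth_hash_1 != enc_key_1,
        # A leaked server record cannot be replayed as a login credential...
        "leaked_record_cannot_login": not provider.login(email, leaked),
        # ...and equals neither of the client-side values.
        "leaked_record_is_not_a_key": leaked not in (enc_key_1, auth_hash_1),
    }


if __name__ == "__main__":
    for check, ok in run_signup_and_login().items():
        print(f"{check}: {ok}")
```

The point to check in any real client is the label split: if the value sent for authentication were the encryption key itself, or derivable from it, the provider (or anyone who compromises it) could decrypt every vault it stores.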
What about changing your password?
When you change your master password, the whole process is repeated locally: the client authenticates to the provider with the old hash, downloads and decrypts the vault with the old key, re-encrypts it with a key derived from the new password, and then uploads the new hash and the re-encrypted vault for storage. In practice most managers avoid re-encrypting every entry: the vault is encrypted with a random key, and that key is in turn encrypted ('wrapped') with the key derived from the master password, so a password change only means re-wrapping that one key.
Forget about resetting your password
The downside of this architecture is that you can forget about resetting your master password. Your vault is encrypted with a key derived from that password, and the provider never has the password, so it cannot decrypt the vault for you. This is a serious problem if you forget it.
However, there is some comfort. During initial setup you are given the opportunity to generate a recovery code. This works differently from service to service but typically consists of one-time-use codes that let you recover your account if you lose your password. The cryptography here can get a bit complex. Generally it works either by a) encrypting the vault so that more than one key can open it, with a key derived from the recovery code added alongside the key derived from your master password, or b) encrypting a second copy of the vault key under a key derived from the recovery code, so the vault key can be unwrapped with the recovery code instead of the master password. Implementing this securely is challenging (the recovery code is exactly as powerful as the master password and must be kept offline, never in the vault it protects), and some major password managers have only recently added it (1Password only added support in June of this year).
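Both the cheap password change from the previous section and recovery option b) above fall out of one design, key wrapping, shown here as an added example that is a generic illustration and not 1Password's or any other vendor's scheme. The vault is encrypted under a random key; the provider's record stores that key wrapped under the master password and, optionally, a second copy wrapped under a recovery code. The wrap construction (a one-time pad from a freshly salted PBKDF2 key plus an HMAC tag, standing in for AES-KW or an AEAD), the recovery-code format and the iteration count are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumption: low PBKDF2 cost for a quick demo; real clients use far higher settings.
KDF_ITERATIONS = 100_000


def _kek(secret: str, salt: bytes) -> bytes:
    """Key-encryption key derived from either the master password or a recovery code."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, KDF_ITERATIONS, dklen=32)


def wrap_key(secret: str, vault_key: bytes) -> bytes:
    """Encrypt the random 32-byte vault key under a KEK derived from `secret`.
    Layout: salt || (vault_key XOR pad) || tag. A fresh salt per wrap gives a fresh pad,
    so this is a one-time pad plus MAC; a real client would use AES-KW or an AEAD."""
    salt = secrets.token_bytes(16)
    kek = _kek(secret, salt)
    pad = hmac.new(kek, b"pad", hashlib.sha256).digest()
    mac_key = hmac.new(kek, b"mac", hashlib.sha256).digest()
    wrapped = bytes(a ^ b for a, b in zip(vault_key, pad))
    return salt + wrapped + hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()


def unwrap_key(secret: str, blob: bytes) -> bytes:
    salt, wrapped, tag = blob[:16], blob[16:48], blob[48:]
    kek = _kek(secret, salt)
    mac_key = hmac.new(kek, b"mac", hashlib.sha256).digest()
    if not hmac.compare_digest(tag, hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()):
        raise ValueError("wrong master password or recovery code")
    pad = hmac.new(kek, b"pad", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(wrapped, pad))


def create_account(master_password: str) -> tuple[bytes, dict]:
    """The vault is encrypted under a random key; the provider's record stores that key wrapped."""
    vault_key = secrets.token_bytes(32)  # random, never derived from the password
    record = {"by_password": wrap_key(master_password, vault_key), "by_recovery": None}
    return vault_key, record


def unlock(record: dict, master_password: str) -> bytes:
    return unwrap_key(master_password, record["by_password"])


def change_master_password(record: dict, old: str, new: str) -> None:
    """Re-wrap the vault key only; the (possibly large) vault ciphertext is untouched."""
    vault_key = unwrap_key(old, record["by_password"])
    record["by_password"] = wrap_key(new, vault_key)


def enable_recovery(record: dict, master_password: str) -> str:
    """Store a second wrapped copy of the vault key, this time under a random recovery code.
    The code is as powerful as the master password and belongs offline, not in the vault."""
    vault_key = unwrap_key(master_password, record["by_password"])
    code = "-".join(secrets.token_hex(2) for _ in range(6))  # e.g. 3f1a-9c02-...; format is an assumption
    record["by_recovery"] = wrap_key(code, vault_key)
    return code


def recover(record: dict, recovery_code: str, new_master_password: str) -> bytes:
    """Forgotten master password: unwrap with the code, re-wrap under the new password,
    and burn the code so it is one-time use."""
    if record["by_recovery"] is None:
        raise ValueError("no recovery code enabled")
    vault_key = unwrap_key(recovery_code, record["by_recovery"])
    record["by_password"] = wrap_key(new_master_password, vault_key)
    record["by_recovery"] = None
    return vault_key


def demo() -> bool:
    """Change the password, confirm the old one is dead, then recover with the code."""
    vault_key, record = create_account("first password")
    code = enable_recovery(record, "first password")
    change_master_password(record, "first password", "second password")
    if unlock(record, "second password") != vault_key:
        return False
    try:
        unlock(record, "first password")  # old password no longer opens the vault key
        return False
    except ValueError:
        pass
    recovered = recover(record, code, "third password")
    return recovered == vault_key and unlock(record, "third password") == vault_key and record["by_recovery"] is None


if __name__ == "__main__":
    print("change and recovery ok:", demo())
```

Two things worth checking in a real product follow from this layout: the recovery copy must be wrapped under a key derived from the code with the same slow KDF as the master password (otherwise it is the weaker of the two doors), and a used code must be invalidated and replaced so that a copy left lying around cannot be replayed.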
If you’re interested in reading more about how recovery codes work in password managers, 1Password documented its technical solution in a blog post.
Password managers are smart bits of kit
Cryptography is highly complex, so we have left out some of the finer details, but hopefully this gives at least a glimpse of what is happening under the hood of your favourite password manager. On the face of it, handing your passwords to a cloud service might seem like a terrifying idea, but with careful cryptography and good security auditors, cloud-based password managers can be one of the best ways to protect your personal cyber security.


