Password management best practices for mid-grade tinfoil hats


stephen...@gmail.com

Jun 21, 2016, 11:13:08 AM
to qubes-users
As I'm moving from OS X to Qubes, gradually, I wanted to get a feel for best practices for management of passwords. Qubes has KeePassX. Should I trust that over the Firefox password manager? Or pretty similar? Would it be a good idea to keep the password manager in a non-networked VM? Or am I growing my tinfoil hat from mid-grade to high-grade? ;)

Thanks for your thoughts.

Chris Laprise

Jun 21, 2016, 1:35:57 PM
to stephen...@gmail.com, qubes-users
On 06/21/2016 11:13 AM, stephen...@gmail.com wrote:
> As I'm moving from OS X to Qubes, gradually, I wanted to get a feel for best practices for management of passwords. Qubes has KeePassX. Should I trust that over the Firefox password manager? Or pretty similar? Would it be a good idea to keep the password manager in a non-networked VM? Or am I growing my tinfoil hat from mid-grade to high-grade? ;)
>
> Thanks for your thoughts.

Qubes best practice is to use a non-networked 'vault' vm for holding
passwords and keys. You can run keepassx in vault and use Qubes
copy/paste between that and other vms.

Whether it is 'safe' to store passwords in firefox has a lot to do with
how sensitive the password is, and how much risk you're taking with that
vm. If you're just randomly browsing the web with that vm, then I would
not store passwords there for anything other than trivial accounts.

Chris

Alex

Jun 21, 2016, 3:53:19 PM
to Chris Laprise, stephen...@gmail.com, qubes-users
I have a keepassx instance for each trust domain (e.g. Personal, untrusted and so on). The massively long passphrases that unlock these instances are kept in the isolated vault VM, along with really sensitive stuff that I don't need readily accessible to my networked VMs, e.g. master encryption keys, gpg personal keys, 2FA override codes and the like.

I have stopped storing passwords in the Firefox password manager, as there have been practical attacks against it that, to me, feel easier to land than an attack against keepassx.

Arqwer

Jun 21, 2016, 5:06:45 PM
to qubes-users, stephen...@gmail.com
> Or am I growing my tinfoil hat from mid-grade to high-grade? ;)

I think no. I store all passwords in KeePassX in the vault VM, and it is very convenient, and all passwords are in the same place. A safe place. There is almost no overhead, only an additional press of Ctrl+Shift+C, Ctrl+Shift+V, which is nothing. I don't see any benefit in using multiple KeePassX instances in different VMs.

stephen...@gmail.com

Jun 21, 2016, 9:07:19 PM
to qubes-users, stephen...@gmail.com
Thanks for sharing, everyone. That's pretty much what I have set up right now, KeePassX in the vault VM. I think that once I get a machine with far more RAM than the machine I'm working with right now, I'll probably have some site-specific VMs for sites that I visit a lot but would like to maximize security for. That'd let me keep the password stored inside of Firefox, which would save me the oh-so-terrible Qubes copy'n'paste ;). Stuff like checking on the several dollars in my checking account, for example.

donoban

Jun 22, 2016, 12:46:06 AM
to qubes...@googlegroups.com
On 21/06/16 21:53, Alex wrote:
> I have a keepassx instance for each trust domain (e.g. Personal, untrusted and so on). The massively long passphrases that unlock these instances are kept in the isolated vault VM, along with really sensitive stuff that I don't need readily accessible to my networked VMs, e.g. master encryption keys, gpg personal keys, 2FA override codes and the like.
>
> I have stopped storing passwords in the Firefox password manager, as there have been practical attacks against it that, to me, feel easier to land than an attack against keepassx.
>

If you are storing your bank passwords on your bank domain or your mail
password on your mail domain, password managers from apps like Firefox
or Thunderbird are safe. Especially if your domains are restricted to
only connect to the bank/mail servers.
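The two setups the thread converges on (an offline vault qube for KeePassX, and a per-site qube whose firewall only reaches the one server so a Firefox-stored password is exposed to nothing else) are both dom0 configuration. The script below is an added example and not something posted in the thread or shipped by the Qubes project. It assumes Qubes 4.x command syntax for qvm-create, qvm-prefs and qvm-firewall (check `qvm-firewall --help` in your own dom0), assumes the target qube still has only the default rule 0 accept-all entry, and the qube names and `bank.example.com` are hypothetical. It emits the commands as text so they can be reviewed anywhere, and only executes them where the qvm tools actually exist.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed Qubes 4.x dom0 syntax.
# Plans are printed as text; apply_plan runs them only inside dom0.

# Commands that create an offline vault qube: no NetVM at all, so
# KeePassX inside it has no network path even if the app is compromised.
# Usage: vault_plan [name] [label]
vault_plan() {
    vm=${1:-vault}
    label=${2:-black}
    printf '%s\n' \
        "qvm-create --label $label $vm" \
        "qvm-prefs $vm netvm ''"
}

# Commands that pin a networked qube to one or more hosts on one TCP port.
# Order matters: drop the default accept-all rule (rule 0 on a fresh qube,
# an assumption here; run 'qvm-firewall NAME list' first), then the explicit
# accepts, then a trailing drop so nothing else leaks out of the qube.
# Usage: restrict_plan <qube> <port> <host>...
restrict_plan() {
    vm=$1; port=$2; shift 2
    printf '%s\n' "qvm-firewall $vm del --rule-no 0"
    for host in "$@"; do
        printf '%s\n' "qvm-firewall $vm add accept $host tcp $port"
    done
    printf '%s\n' "qvm-firewall $vm add drop"
}

# Execute a plan read from stdin, but only where the qvm tools exist;
# elsewhere just echo it back so it can be reviewed before use in dom0.
apply_plan() {
    if command -v qvm-firewall >/dev/null 2>&1; then
        sh -e
    else
        echo "qvm tools not found (not dom0); plan shown, not run:" >&2
        cat
    fi
}

# Example run: an offline vault plus a bank qube that can only reach
# bank.example.com:443 (hypothetical host). Invoke as: sh this.sh run
if [ "${1:-}" = "run" ]; then
    { vault_plan vault; restrict_plan bank 443 bank.example.com; } | apply_plan
fi
```

One caveat worth knowing before relying on a hostname rule: Qubes resolves the hostname to addresses when the rules are applied, so a site whose IPs change (CDN front ends, anycast) can silently stop matching; prefer an address range from the bank's published ranges, or re-apply the rules periodically.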