Giving up on RndPhrase

[fre...@freaken.dk]

Hello group,

I have been an avid RndPhrase user for the last few years. However recently I have come to hold the opinion, that password managers are better than RndPhrase, as least as I am using it.

First of, I do not think the original threat model that RndPhrase is adequate anymore. It started out as a way to protect against websites being compromised/evil and leaking your website from the server-side (either by hooking the validation mechanism or cracking hashes). However I do not think that this is a sufficient threat model.

We have long talked about javascript leaking your password. We have a fix for firefox, but none for chromium AFAIK.

However this is not just a theoretical attack that might happen if RndPhrase ever become popular -- it is happening right now, though not in the form we expected.

- When you log into https://www.patreon.com with RndPhrase, it sends your master password instead of your generated one.

- When you try to change your password on github, it sends the password to the server as you write it, to check the password strength.

In a post-Snowden world, this is bad. Quantum insert is also a big deal in this context.

While this is the main reason I am quitting RndPhrase, there is another security issue that will probably prevent me from coming back. If we assume that my master password is ever compromised (through either human stupidity, an attacker or a combination), then the loss is much greater than expected.

The initial assumption was that once we take the time to change our password on every site, then everything would be okay again. However that is not true, as we now know that passwords are wonderful pieces of meta-data to tie all account together. We might also imagine that an attacker would be able to gain persistence faster than we can change our passwords.

Finally I am not a fan of the inflexibility of the original design and the number of hoops we have been forced to go through to satisfy password letter/length restrictions. There is also the problem of multiple places sharing a password database (multi-domain sites or eduroam).

While I am a huge fan of RndPhrase and the work you have done, I no longer believe that the advantages (ease of use, fewer keystrokes, http://rndphra.se) outweigh the disadvantages.

Best of luck to you,

Idolf

P.S. Why does rndphra.se not have https?

[Ronni Elken Lindsgaard]

P.S. Why does rndphra.se not have https?

Because it is hosted on github.com. I can see they have now changed it so that you cannot just use https://rndphrase.github.io. That is a bummer.

I will look into making a certificate and getting it hosted properly.
 
--

Mvh
Ronni Elken Lindsgaard

[Peter Müller]

On Jan 6, 2015 12:45 PM, "Ronni Elken Lindsgaard" <ronni.li...@gmail.com> wrote:
> Because it is hosted on github.com. I can see they have now changed it so that you cannot just use https://rndphrase.github.io. That is a bummer.
>
> I will look into making a certificate and getting it hosted properly.

I recommend just moving the domain to Cloudflare for free CDN and HTTPS

[Ronni Elken Lindsgaard]

Thanks for taking your time to write this mail with your issues.

I agree, that the threat model has changed. And in a post-snowden world, we cannot even trust the sites that we login to. Thank you bringing the issue to attention.
Instead of focusing on usability by implementing an improved algorithm, I will for now shift the focus into keeping the master password secure by typing it in seperately from the DOM. That means I will focus on
developing browser plugins.

I do not follow your line of thought with regard to master passwords. If your master password is compromised, then indeed you are screwed, and you must change all hashes based on that password. This is a fact whether you choose to use RndPhrase or a regular password manager.

In RndPhrase we make use of a seed and a password. I suppose your use of "master password" refers to the password. This is the one which is typed in on use and this is the one that is most likely to be compromised, the seed is a global value which is never stored in cleartext and therefore is not subject to being exposed (unless you do something stupid).
I suggest that you don't use the same seed and password configuration for all sites even though they are "uniqueified" by the hashing algorithm. Ideally you should use distinct passwords for every site/domain. I do not consider this a security flaw as much as good opsec.

Your problem with the inflexibility is really a usability issue which is addressed by the improved RndPhrase algorithm. However, you can already use this on http://rndphra.se.

I am aware of the problem with HTTPS, and I have found a webhost. Everything takes time, and I try to use it coding whenever I can. :) I will be sure to notify people when I have made the proper arrangements. Any help is of course welcome.

I hope you will be back at some point. Hopefully I (or we) will have adressed your issues by then.
 

[Mathias Svensson]

With a password manager you just change your encryption key for the
password list...

[Johan Brinch]

Depending on the setup, the encryption key becomes the master password which can be list through human error. The main difference is that you can destroy the list of passwords to erase the trace.