I've been reading about this intently since the press release from LP because I decided to switch to a "real" password manager over the holidays. I've had quite a few misconceptions corrected by HN.
After using both 1pass and LP for a week, they are both equally clunky in their own special ways. LP really did bone it by not enforcing super strong master passwords AND not encrypting metadata. 1P secret key is clever, I didn't understand it clearly until recently.
Other than that, the UX/UI is essentially identical: same UI warts and bugs, same frustrating behavior, same bloat, etc. Both are equally fucking annoying with getting popups and fill-in fields wrong 25% of the time.
N.B. I have not used them in a corporate setting where you may need to manage & rotate credentials, though.
But based on metadata and lack of forcing users to create strong passwords, 1P has the right to point at LP and laugh in this case.
I don't think I have ever had 1Password get entries wrong. Some sites seem to do something to block it, and every now and then 1Password doesn't enter the state for addresses (given the variety of user experiences for that, it's not surprising).
It screwed up my capital one password change by not filling in the "re-enter" field, or offering a different password for this field, and then not asking to remember it, causing me to have to reset a forgotten password.
Don't blame CapitalOne, it is 1P's fault for offering a broken feature: if you can't properly update an "update password" form, don't offer to do so. Like tesla and its bogus FSD.
I've been changing some passwords and 1P constantly overwrites the password it just generated, or when I click on a password to change it overzealously copies it, which means I repeatedly have to go back to the generated password vault, look at the history, and copy it into the password entry. LastPass was a bit less trigger happy with the click-and-copy and smarter in detecting when a password changed. Like I said, both have bad UI, 1P is just a little worse than LP.
In my experience, this is often not a matter of "doing something", but rather a matter of "not doing something [correctly]". If a site does not properly tag an input field, then password managers (and other applications) will have trouble finding it.
An interesting read, but I wish it had come from literally any other source. This feels very much like kicking a competitor when they are down, and pretty tacky.
Lastpass needs to be kicked until its dead. You don't get do-overs with mistakes of this magnitude.
Their customers (if they are responsible) basically need to go through everything and set up a new password + maybe add 2FA (+ re-input all of this in a new platform). That could be for hundreds of accounts. Giant pain in the ass and they still have to worry about their vaults being out in the ether or sold on the Dark Web and hacked in some distributed way.
There are definitely ways to export passwords from what I have read though I don't think there are convenient ways to import.
I use LastPass families with my wife so my rough plan is to:
1. Evaluate 1password, bitwarden, etc. for feature parity
2. Rotate highest value passwords like email, financial, critical things without MFA, etc.
3. Prune any unused junk
4. Export from LP and import into its replacement
5. Cancel LP
I guess maybe 2 will come after 4 since I'd like to avoid adding any new PWs into LP.
I am not even that angry they got hacked but mostly angry about how they handled the encryption cycles of legacy users (5000 vs the current 100100) and that hackers were in their systems for many months and could exfiltrate customer vaults without them noticing.
Yes, seems fair enough to me. Most people (quite reasonably) just aren't going to get the nuances differentiating cloud-based pw managers. One blog post isn't going to change that in itself, but it's fair for Agilebits to get the word out where they can. It's natural they don't want to suffer reputational damage consequent on a competitor's breach.
I agree. I think it was totally justified and well timed. I'm glad they came out explaining why they're different and better, and why they can be trusted.
What's pretty tacky is how LastPass is lying, or at least misleading when pretending that LP master passwords cannot be cracked.
Am I the only one who thinks it's crazy to put all of your passwords on a company's cloud where every single one of their other customers' password vaults also lives?
Aside from putting the burden for file management of the vault on the customer, help me understand how local storage (with backups) isn't the safest place to keep my passwords from being compromised.
You’re not the only one, but that doesn’t make it crazy.
There’s a lot of confidential data stored on S3. This data is intermingled with other confidential data from lots of other companies at the storage layer. But encryption and proper access controls mitigate the risks you’ve described.
As with anything it’s a judgement call. I trust AWS to implement this correctly, and they send out all the correct signals to back this up. 1Password does as well. However lastpass never has, and so it would be a poor call to use their cloud service.
Happy paying 1Password customer here for nearly a decade.
I know that password management is becoming a standard OS feature (aka becoming "sherlocked"), but I'd like to stay a paying customer as long as possible.
I was a happy paying 1Password customer until they switched to a subscription model (and, when I contacted them, initially lied about it). At that point, I became a happy iCloud Keychain user and never looked back. Most of the essentials, none of the greedy business model.
If 1P returns to allowing me to own their software, rather than requiring me to rent it, I may reconsider. I might not, however, since I've since found I much prefer a password manager that's integrated into the OS, not a third-party one that could change its pricing at any time.
Built-in password managers are only going to get better and better. I think third-party ones will have an increasingly difficult time justifying hundreds of dollars vs. free.
I use 1password and I trust them way more than I trust myself, and think they are at least on par with competitors so I'm not trying to knock them in any way. That said, I think the problem with these breaches is the "unknown unknowns". If you've thought of the conditions that lead to a breach, I'd expect you to have addressed them as a professional password storage company. But there can always be failure modes they haven't considered. Maybe it's good to reassure customers that they are still safe. I think it's still a little smug.
It reminds me of companies that didn't do layoffs explaining why they didn't have to do layoffs. Most don't plan to, but someday you may have to, and it's how you act when something bad does happen that's more important than how you act when everything is ok.
This isn't speculation about how a breach might happen, it's what an attacker can do with the encrypted data afterwards. This is well understood basic cryptography.
It does take them a while to get to the point, which is that they use a "secret key" in addition to a password to derive an encryption key. It's a smart design.
I agree that machine-generated passwords are better, though it spends half of the article on it, based on this weird statement:
> The LastPass account password “best practices” advice linked to in their announcement says nothing about using a password generator, so it would be incorrect to assume that users are generating their LastPass passwords using a strong password generator.
A more compelling criticism would be to identify some flaw in the UX instead of the absence of something in documentation, which is a really poor signal for user behavior.
They also give zero justification or explanation for why they selected 2^36 as the complexity that is assumed for the reader's password. It's too bad, as their own page on PBKDF2 (https://support.1password.com/pbkdf2/) shows what the complexity and cost is of various password models, but they don't use any of that data, and just stick with the $100 / 36 bits number.
Based on their own page, I would probably estimate the complexity of the average user's password at around 50 bits (3 word, digit separator, capitalize one), but that would result in a $1 million crack cost, largely wiping out their own argument.
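To make the arithmetic behind the "$100 for 36 bits" and "$1 million for 50 bits" figures in the two comments above reproducible, here is an added cost model. It is not code from the 1Password article or from either vendor; the only input it takes from the thread is the anchor "exhausting 2^36 guesses at 100,100 PBKDF2 iterations costs about $100" (plus the 5,000 legacy iteration count mentioned earlier), and the assumption that attacker cost scales linearly with both keyspace size and iteration count. Every other number is derived from that.

```python
"""Cost model behind the "$100 to crack a 36-bit password" figure.

Added illustration for this thread; not code from the 1Password article or
from either vendor. The only input taken from the discussion is the anchor
"2^36 guesses at 100,100 PBKDF2 iterations costs about $100"; every other
number is derived from it under the stated assumptions.
"""
import math

ANCHOR_BITS = 36              # password entropy the article assumes
ANCHOR_ITERATIONS = 100_100   # current LastPass PBKDF2 iteration count (from the thread)
ANCHOR_COST_USD = 100.0       # article's price for exhausting 2^36 guesses
LEGACY_ITERATIONS = 5_000     # iteration count for legacy LastPass users (from the thread)


def cost_per_guess_usd(iterations: int) -> float:
    """Price of a single PBKDF2 guess.

    Assumption: attacker cost scales linearly with hash work, so cutting the
    iteration count from 100,100 to 5,000 makes every guess ~20x cheaper.
    """
    per_guess_at_anchor = ANCHOR_COST_USD / 2 ** ANCHOR_BITS
    return per_guess_at_anchor * iterations / ANCHOR_ITERATIONS


def exhaustive_crack_cost_usd(entropy_bits: float, iterations: int = ANCHOR_ITERATIONS) -> float:
    """Cost to try every one of the 2^entropy_bits candidates.

    The attacker expects to succeed after half this work on average, so the
    expected cost is half the returned value; each extra bit doubles it.
    """
    return 2 ** entropy_bits * cost_per_guess_usd(iterations)


def random_password_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random password over an alphabet of the given size."""
    return length * math.log2(alphabet_size)


def passphrase_bits(words: int, wordlist_size: int, extra_choice_bits: float = 0.0) -> float:
    """Entropy of a passphrase of `words` uniformly chosen words, plus any bits the
    caller attributes to separator / capitalization choices."""
    return words * math.log2(wordlist_size) + extra_choice_bits


def bits_needed_for_cost(target_cost_usd: float, iterations: int = ANCHOR_ITERATIONS) -> float:
    """Inverse question: how much entropy makes an exhaustive search cost target_cost_usd?"""
    return math.log2(target_cost_usd / cost_per_guess_usd(iterations))


if __name__ == "__main__":
    for bits in (36, 44, 50, 64):
        print(f"{bits:>3} bits: ${exhaustive_crack_cost_usd(bits):>18,.0f} at 100,100 iters, "
              f"${exhaustive_crack_cost_usd(bits, LEGACY_ITERATIONS):>16,.0f} at 5,000 iters")
    # constructed sample: three words from a 7776-word diceware-style list
    print(f"3 words from a 7776-word list: {passphrase_bits(3, 7776):.1f} bits")
    print(f"bits needed before a $1M exhaustive search: {bits_needed_for_cost(1e6):.1f}")
```

At 50 bits the model gives $1,638,400 for the full keyspace (the "$1 million" above is the rounded version of the same 2^14 multiple of $100), and the same 36-bit password drops to about $5 under the legacy 5,000-iteration setting. If you disagree with the article's $100 anchor, change `ANCHOR_COST_USD`; every other estimate scales with it.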
> If you consider all possible 12-character passwords, there are something around 2^72 possibilities. [...] But the people who crack human-created passwords don’t do it that way. [...] What matters is whether yours is going to be among the few billion that attackers try first.
In other words, human-generated vs non-human generated becomes irrelevant with the growth of an average password length, the longer the length of a human-picked password the lower the chances it would match with someone else's leaked longer password. In the end it would take slightly more than a dataset with "a few billion" pre-defined values. The attacker has to decide whether the password is even longer than usual, or non-human generated at all, and whether it's still worth pursuing for the further few billion iterations.
If you are an attacker and targeting a specific user, then yes - you wouldn't know the password length. However, if you were able to breach LastPass and got a database containing hundreds of thousands or millions of users, you could safely assume that many would have average-length passwords, with lower entropy than machine-generated passwords. This means that using a combination of rules and dictionary-based attacks could indeed significantly reduce the search space.
I think the article also does a good job explaining why the claim that "you're safe because of 100,100 iterations of PBKDF2" is pure marketing BS, and LastPass is either being dishonest or intentionally misleading users.
It also made me appreciate even more 1Password's architecture, and a deeper understanding of the (mildly annoying) secret keys. The last paragraph is also great: the point of longer passwords is not as much to protect from a breach on their side, but to protect in case your own machine is breached*. Those are very different threat models, and always worth assessing them separately.
Disclaimer: I've been a long time user of 1Password, but the recent breaches indeed got me a bit worried about what would happen if AgileBits were ever in the same situation.
The secret key is clever, but I guess only helps people with bad passwords. If you already have a ~64-bit password it doesn't add anything except doom you if you lose your device (and backup code). Good for the majority of users, however.
Is 1password's "Secret Key" in any way homologous to simply using a key file or virtual/hardware key? If you use a keyfile for a Keepass database, is that basically the same thing besides the fact you have to do the file management yourself?
The secret key is 35 random characters that are assigned to your account when you set it up and must be appended to your password to decrypt.
Whenever you log in, you need to enter your password and the key. The browser extension will cache it in a cookie, but every new device requires you to enter the key.
You remember your password, and hide the key.
It's more analogous ("homologous"? really? lol) to being automatically enrolled into a 401k: you are automatically assigned half of a very secure password.
Hardware keys typically are OTP token generators used to assist in login authentication and have nothing to do with the vault. Not at all what the secret key is.
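To show concretely what the "password + secret key" design described above buys you, and why the earlier comment is right that it only matters when the attacker does not already have the key (stolen server-side vault vs. compromised user machine), here is an added model of a two-secret key derivation. It is not 1Password's code and not a faithful copy of their scheme, just a simplified construction in the same spirit: the password is stretched with PBKDF2, the high-entropy secret key is mixed into the result, and the vault key cannot be recovered from either secret alone. The secret key format (34 characters of A-Z0-9) and the XOR combination are assumptions of this example.

```python
"""Two-secret vault key derivation: human password + machine-generated Secret Key.

Added example for this thread; not 1Password's code and not their exact scheme.
The Secret Key format (34 chars of A-Z0-9) and the XOR combining step are
assumptions made for illustration.
"""
import hashlib
import hmac
import math
import secrets
import string

PBKDF2_ITERATIONS = 100_100          # iteration count discussed in the thread
KEY_LEN = 32                         # 256-bit vault key
SECRET_KEY_ALPHABET = string.ascii_uppercase + string.digits  # assumption
SECRET_KEY_LENGTH = 34               # assumption


def generate_secret_key(length: int = SECRET_KEY_LENGTH) -> str:
    """Device-held Secret Key from a CSPRNG; never derived from the password."""
    return "".join(secrets.choice(SECRET_KEY_ALPHABET) for _ in range(length))


def secret_key_entropy_bits(length: int = SECRET_KEY_LENGTH,
                            alphabet_size: int = len(SECRET_KEY_ALPHABET)) -> float:
    """Entropy of the Secret Key: ~175.8 bits for 34 symbols from a 36-symbol alphabet."""
    return length * math.log2(alphabet_size)


def derive_vault_key(password: str, secret_key: str, salt: bytes) -> bytes:
    """Derive the symmetric vault key from both secrets.

    1. Stretch the password with PBKDF2-HMAC-SHA256 so each guess costs
       100,100 hash computations.
    2. Derive a key-sized value from the Secret Key with a single HMAC; it is
       already high-entropy, so stretching it would add nothing.
    3. XOR the two. Someone holding only ciphertext + salt must guess the
       password AND the Secret Key; someone who also holds the Secret Key
       (e.g. from a compromised device) is back to guessing the password alone.
    """
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                    PBKDF2_ITERATIONS, KEY_LEN)
    sk_part = hmac.new(secret_key.encode("utf-8"), salt, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(stretched, sk_part))


def attacker_work_bits(password_bits: float, attacker_has_secret_key: bool,
                       secret_key_bits: float = secret_key_entropy_bits()) -> float:
    """Search space (bits) an offline attacker faces under the two threat models
    raised in the thread: stolen server-side vault vs. compromised user machine."""
    return password_bits if attacker_has_secret_key else password_bits + secret_key_bits


if __name__ == "__main__":
    # constructed sample values; a real client would store the salt with the vault
    salt = secrets.token_bytes(16)
    secret_key = generate_secret_key()
    key = derive_vault_key("correct horse battery", secret_key, salt)
    print("secret key:", secret_key, f"({secret_key_entropy_bits():.1f} bits)")
    print("vault key :", key.hex())
    print("work if server vault stolen :", attacker_work_bits(36, False), "bits")
    print("work if user device stolen  :", attacker_work_bits(36, True), "bits")
```

The `attacker_work_bits` split is the point of the article's last paragraph: the Secret Key makes the server-side breach case effectively unbrute-forceable even with a 36-bit password, while the strength of the password itself is what matters once the attacker has the device where the key is cached.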