User authentication and online password managers

June 19, 2007

Authentication is an essential part of any web application. But why are web service providers so secretive about their authentication protocols and procedures? Why they are not disclosing any information about how users’ credentials are communicated, verified and stored?

login form

They simply and plainly ask their users to trust them. But do they deserve this trust? Not always

Recently, the folks behind confessed that a backup copy of their database had been stolen. Later, one of the Reddit developers, confirmed that the database contained password information for Reddit’s users, and that the information was stored as plain, unprotected text. In other words, once the thief had the database, he had everyone’s passwords as well.

Storing plain text passwords was a design decision: they wanted to be able to send forgotten passwords to users via email. Risks deriving from having plain text passwords in the database were weighted against the convenience to add this feature to their service. And they opted for the user-friendly feature. Bad decision.

Sending usernames and passwords in unencrypted email messages is more common than expected. It’s quite easy to find examples even among those handling very sensitive data (e.g. MyBlackBook) or from highly reputable companies (e.g. wildly popular 37signals applications).

Are online password managers any better with regard to good authentication practices?

Of course I can only answer for Clipperz

Clipperz online password manager implements the Secure Remote Password protocol (SRP) combined with Fortuna, a cryptographically-strong random number generator.

SRP provides security against both passive and active network attackers and, if compromised, it would not allow the attacker to impersonate the client. In addition, SRP exchanges a secret as a byproduct of successful authentication, which enables the two parties to communicate securely.

It is believed that SRP is at or near the theoretical limit of security that can be offered by a purely password-based protocol. (Suggested reading: the interview with Tom Wu, inventor of SRP)

SRP authentication has a downside: it is slow. It requires the user’s browser to perform heavy computational tasks, but would you mind wait a couple of seconds for higher security?

The credentials used to access an online password manager are the most precious since they act as a “master key” to the wealth of private information that a user submits to the online password manager. Therefore they should be protected with the best tools available.

PS - Needless to say, bad authentication practices are another good reason to use different passwords for different services (and a password manager to remember them all!).