Will Apple release their own password management software in touchbar?

Discussion in 'Mac Apps and Mac App Store' started by FatherJack1980, May 22, 2017.

  1. FatherJack1980, May 22, 2017
    Last edited: May 22, 2017

    FatherJack1980 macrumors regular

    FatherJack1980

    Joined:
    Dec 31, 2015
    #1
    Sorry if this is in the wrong category.


    1password seems to be the only password management system that utilizes the touchbar ...however I do not trust 3rd party apps for my passwords; so I'm asking if Apple has ever hinted that they will release a password/security app for the touchbar (where the passwords are not stored in the cloud)?

    I know Apple has keychain but I don't trust the cloud completely - I would prefer my passwords being locally stored on my computer and phone (if one thing died I would be able to retrive the info from the other device, when setting up a new computer/phone ...I imagine both things dying at the exact same time to be statistically unlikely)

    I would also love to have the ability to tell my computer, through the Settings app in the iPhone, that to expect a different kind of fingerprint id than mine, but it must let that fingerprint into the operating system - but to hide and/or close apps that I didn't want that person to have access to (would be very useful if the laptop had to be repaired or a child wanted to go onto the computer).

    I don't want to setup a guest account because I think it's ugly to see that at the login screen

    So far I know that you can lock the Notes app in the iPhone ...but nothing else (!)



    I'm a Windows user and contemplating the idea of moving over to Macos and iOS - mainly because of two things; they kinda share the same ecosystem whereas Windows doesn't have any phones anymore and because of Homekit which I'm pretty sure Windows doesn't have and will not have, at least not in the near future.

    One of the things I want is a big screen, and so far the 15" doesn't offer a laptop without a touchbar; but I also prefer the new models to the old ones because the new ones are lighter to carry.

    Apple encrypting my passwords on my devices (like they do with the fingerprint through touchid) and the interaction between the iPhone and Mac computer with touchbar (where you could remotely lock sensitive data in your computer through your phone and vice versa, for example) would lock me into their ecosystem - and I would be happy with that, which is not a common occurrance. I know there's an event soon, but has Apple hinted at them being wiling to go this route?
     
  2. casperes1996 macrumors 68030

    casperes1996

    Joined:
    Jan 26, 2014
    Location:
    Horsens, Denmark
    #2
    1Password is encrypted with AES256 as far as I recall.

    I find it very unlikely Apple will make what you want.

    Why not use the standard Keychain though? If you don't want it in the cloud, disable keychain in iCloud and manually move over the keychain.
     
  3. leman macrumors G3

    Joined:
    Oct 14, 2008
    #3
    Apple has offered a password manager for quite a while now — its Keychain, and its deeply integrated with the OS. AFAIK, it also uses all the security hardware the OS offers automatically, so it should be fairly safe. I am fairly sure that Keychain will get full touchbar support eventually. If you don't like its cloud-based sync capabilities, you don't have to use them. Although one has to say that cloud sync is fairly safe, as its encrypted with your user password and thus the data can't be read by Apple or anyone else.
     
  4. smallcoffee macrumors 65816

    Joined:
    Oct 15, 2014
    Location:
    North America
    #4
    Kind of, but that's ok.

    I don't think they'll make anything. Their vision of the future is no passwords.

    Hm, so as others have mentioned, you can use Keychain, but if you don't want to use "the cloud" then what you're asking here I think is pretty difficult to implement. How would you transfer the passwords from device to device?

    I highly recommend that instead of having multiple passwords, you choose, maybe two. One, that is incredibly complicated and impossible to guess that you'll use for websites like banking or email, and one that you wouldn't care if the account got hacked, like the forum. There's simply no need to have a password manager because you shouldn't have so many different passwords - all it does is lead to poor password practices.


    Ok so, you can do this but not the way you've described. You can set different fingerprints for both iPhone and Mac independently, but you can't set a touchID password on your iPhone for use on your Mac or vice-versa.

    Not possible that I know of. You can probably, somewhere in some setting, require a password/touchID to open certain apps, but I have no experience with it. The preferred option is the one you think is ugly, but I believe you can update settings such that you don't view multiple profiles on the log in screen.

    I thought Apple was selling. non-touchID version of the 15 inch, but then that defeats your touchID password ideas.

    I don't think you can remotely lock sensitive data on your computer from your phone. But Keychain and Apple's security management is pretty top tier. I think you should be comfortable using it. You can also use FileVault to encrypt data on your drive in case you lose your laptop or it gets stolen.

    Hope this helps!
     
  5. casperes1996 macrumors 68030

    casperes1996

    Joined:
    Jan 26, 2014
    Location:
    Horsens, Denmark
    #5
    ~/Library/Keychains – Copy it over to another computer and you should be good to go. The entire keychain is locked with your login details, so you need to know that one manually. You can also lock it down further from the keychain app.
    Oh and regarding locking sensitive data from your phone or whatnot, ssh into the computer and use OpenSSL to encrypt the data. Doubt there's anyway to do it without using the Terminal however.
     
  6. ZapNZs macrumors 68020

    ZapNZs

    Joined:
    Jan 23, 2017
    #6
    I doubt it - and I especially doubt they could make something as good as 1Password, especially in regards to cross-platform functionality. Personally, I have greater confidence in Agilebits' dedication to protecting customer PII more so than I do with Apple or Microsoft, based on my own interactions. Big fan of the App, and very big fan of the people behind it.
     
  7. killawat, May 23, 2017
    Last edited: May 23, 2017

    killawat macrumors 65816

    Joined:
    Sep 11, 2014
    #7
    Keychain works but you have to pay attention to the be familiar with some of its inner workings to get the most value. Whereas 1Password is much more straightforward and the autofill features are top notch. It is not difficult to create a unique login for every website you visit with minimal impact to your workflow.

    So grab 1Password and Little Snitch.

    Ask Snitch to block outbound network (including updates if you are highly paranoid) for 1password.
    Ask 1Password to lock after 1 minute of inactivity.

    For tin foil enthusiast, run 1Password in a Mac OS VM with no network connectivity or shared folders, encrypt with filevault.

    Done
     
  8. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #8
    Hi there.

    I work for AgileBits, and am one of the developers on the iOS and Mac team working on 1Password.

    Can you explain a bit more about what your concerns are? I'm also a member of our security team so I'm happy to have a chat about any worries you might have.
     
  9. casperes1996, May 23, 2017
    Last edited: May 23, 2017

    casperes1996 macrumors 68030

    casperes1996

    Joined:
    Jan 26, 2014
    Location:
    Horsens, Denmark
    #9
    Well, I know this isn't targeted at me, but I'd like to ask a question regarding security anyway.
    Keep in mind I've yet not used 1Password, so I may be wrong about a few assumptions.

    Now I assume there's a global password for the app that encrypts all the passwords locally with AES-256. I also assume that when the passwords are sent to your servers for syncing with other devices, that private-public key cryptography is used and that the encrypted "keychain" is locked with your server's public key before being sent to the server, after which it is unlocked and locked with the syncing device's public key before being transported off to that device. First off, what private-public key generating algorithm is used if this assumption is correct? If somehow the private keys could get found out, a weakness in the global password could render the entire "keychain" accessible. Or indeed if your servers were hacked, only the user-defined password that encrypts the passwords with AES would be a barrier for an attacker to get the passwords. I'm unsure of the hacking time for AES-256 right now, but presumably in the future, with a good dictionary, you could go through quite a lot of correct hashes quickly.
    Second. Assuming your servers got hacked, a copy of everything was made, and then the servers deleted entirely. Could attackers not theoretically hold people's passwords for ransom, even without knowing them? I mean, of course people would still have their local copies, but let's say someone's Mac died entirely and they went out and bought a new one, the attacker that gained access to the server's data would be the only one able to send them back their AES encrypted "keychain". Though I suppose at that point it's up to the user to keep local copies.

    Anyway, I know I picked out rather fringe scenarios and that this isn't exactly a pressing security issue, but I'd like to know if my assumptions are correct :)



    PS. Good customer service right there
     
  10. leman macrumors G3

    Joined:
    Oct 14, 2008
    #10
    Not an interested party here (actually, I don't even use 1Password), but as far as I know, the design used by AgileBits is openly documented. So most, if not all questions asked by @casperes1996 can be answered by reading the paper :)
     
  11. BeefCake 15, May 23, 2017
    Last edited: May 23, 2017

    BeefCake 15 macrumors 65816

    BeefCake 15

    Joined:
    May 15, 2015
    Location:
    near Boston, MA
    #11
    Just realized little snitch is not a password manager...name makes sense for network security :)
     
  12. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #12
    Great questions, and happy to answer them!

    1Password works very differently than I suspect many people think so those of us at AgileBits have our work cut out for us to explain this.

    Before I give a brief overview, I want to point out that a bulk of this is available in our security white paper if you want to read the gritty details. I'm going to try to simplify things here as best I can, if you want a more definitive answer please review the white paper as it goes to great lengths to explain these details.

    We have two secrets that are known only to the user. First is what you expect to see if you've used 1Password in the past, it's the Master Password. The second is a bit more interesting and is called a Secret Key. When you create your account your device creates a 128-bit key locally. This key is not sent to our server, neither is the Master Password. Both are only known to you.

    Each vault in 1Password is encrypted with a Vault Key. Each item in the vault is encrypted by this Vault Key. If you have access to a vault the vault key is encrypted by your public key. Thus the vault key can be decrypted with your private key. Your private key is yours and yours alone, and your private key is encrypted by a Key Encryption Key, derived from both your Master Password and your Secret Key.

    Our servers have none of these keys :) All encryption and decryption is done locally on devices. Our servers have no secrets that can be used to launch an attack on your data. So assuming someone gains access to our servers, they'd effectively gain access to random gibberish that requires your Master Password and Secret Key to decrypt. Which we never receive.

    Effectively if an attacker gained access to our servers they'd have to guess both your Master Password and the 128-bit Secret Key because nothing is stored on the server that can be used to launch an attack that can allow them to expedite the attack using other data.

    We designed 1Password to withstand attacks knowing full well that our servers would be a target. The Secret Key protects you from this scenario. A user with a terrible Master Password of "password" without the Secret Key would be easily guessable. But when combined with the Secret Key, it's incredibly strong and effectively thwarts a brute force attack by making it very very difficult to do. Likewise, someone with a strong Master Password is only strengthened further by the Secret Key.

    Your data is backed up independently of our servers, so even if an attacker managed to delete your data from our servers we'd still have a copy and could restore from that. We have a copy available in another region as well, so we can failover to it if necessary.

    I hope that helps alleviate your concerns. Again though, I strongly encourage you to read the white paper, I suspect you'll find it incredibly insightful.
     
  13. killawat macrumors 65816

    Joined:
    Sep 11, 2014
    #13
    Little Snitch is a host based firewall app thats sold in the App Store and has been on the scene for several years. It is the first app many people install on a fresh OS build (myself included) and has the ability to stop cold some of these new ransomware/trojan attacks that show up for the Mac, amongst other things.
     
  14. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #14
    You're correct, it's the security white paper that goes into detail on how all of this fun stuff works. Our chief of security spent a great deal of time writing this up because we believe being open and honest with our users is how we earn trust. We use standard encryption techniques that have been proven and time tested and the white paper shows exactly how it's done.

    In an ideal world, one day we'd make the encryption frameworks we use open source or available for review. We do make some of this available, notably in the form of API documentation (and if someone is on the right track we'll provide more details as necessary) for qualified security researchers as part of our bug bounty program through Bugcrowd.

    Thanks for chiming in with this detail. It's awesome to know that our users are starting to become aware of the documentation we make available.
     
  15. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #15
    Just as a general note (without referring specifically to 1Password): The vulnerability to dictionary attacks on passwords does not primarily depend on the "crackability" of the encryption algorithm (such as AES in your example), but on the key-derivation algorithm that is used to generate the actual encryption key from the user password. State-of-the-art encryption implementations use a key-derivation function that is deliberately designed to be slow to compute, which drastically increases the time required to try a large number of passwords. On the other hand, when the legitimate user is using the password to derive the key, the key has to be derived only once and a small delay is not a problem.

    So for encryption products that use passwords, always check what key-derivation algorithm is used in addition to the encryption algorithm. A proven algorithm is PBKDF2 with a high number of rounds. If a product uses a "home brewed" function, or the developer does not disclose what algorithm is used, it's usually better to stay away.
     
  16. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #16
    From our security white paper,

    Also, under "Slow Hashing," if you're curious about the rationale why this was chosen:

    Note: some of those quotes were cleaned up to remove hyphenation and footer notes
     
  17. leman macrumors G3

    Joined:
    Oct 14, 2008
    #17
    Well, I never managed to learn cryptography myself (I just lack the mental capacity to go too deep into it in additional to my day job), so I totally admire what you guys are doing. Actually, seeing how open you are with all this, I am starting to seriously consider buying 1Password myself :oops:
     
  18. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #18
    Comes with a 30 day trial. You can always try it. At the very least even if you don't decide to keep it, we're always happy to listen to feedback as to why.

    We know full well we aren't the solution for everyone, we can't pretend to be either. But feedback helps us try to determine where we need to improve and we can gauge that against other feedback.

    I realize this helps us more than you of course, so I wouldn't expect anyone to do it, but it's always a welcome thing if someone decides to.
     
  19. casperes1996 macrumors 68030

    casperes1996

    Joined:
    Jan 26, 2014
    Location:
    Horsens, Denmark
    #19
    Thanks for your answer. From what you wrote however, it doesn't sound that dissimilar to what I wrote in my original post, albeit the backup thing I hadn't thought through well enough. I will most certainly give the white paper a look. Thanks.


    Right. This was essentially was I meant as well, albeit phrased badly. P vs. NP. Interesting stuff.
    --- Post Merged, May 23, 2017 ---
    Actually, one more thing. And remember, I haven't tried 1Password yet, so this may be obvious stuff. If an extra 128 bit key is generated, how would someone go about unlocking their vault on another device if the original device is lost or broken? Do you need to keep a copy of both your master password and the generated key? – Sorry if this is obvious from the white paper, haven't looked yet.
     
  20. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #20
    When you sign up you're asked to print an Emergency Kit, which has everything necessary to sign in on another device, including a QR code that can be scanned to facilitate entry. It basically has your email, Secret Key and the URL for sign in on it. The PDF/Printed copy has a space for Master Password entry if the user wants to do that, assuming they'll store it in a safe place.

    I keep mine separate. A copy of my Master Password stays at my parents house in a safe, inside a tamper proof envelope. The Emergency Kit without the Master Password is at my house. I'm less likely to forget the Master Password so keeping that offsite is best.

    I also keep a copy of the Emergency Kit in a safe deposit box along with some very basic instructions on how to access my account. In the event of my inability to handle my own estate my parents know to check there for instructions. Which points to a Secure Note (an item type in 1Password) with details about bank accounts, bills, things that need to be cancelled and paid for, etc.

    A little detour there, but yea, you need to have the Secret Key. Here's an example one I have from a developer account that has since been deleted.

    A3-R3G5DP-EZLKA8-M3Z6W-3NBE2-XQ2TY-PTB4K

    You could also store it in another device like a Yubikey. I've contemplated putting it as a static key on a Yubikey as a backup as well.

    Also any device that is signed in is able to display a QR code that can be scanned, or just display each field (less the Master Password). So each device signed in acts as an Emergency Kit.

    For Family and Team accounts other members can be designated as part of the Recovery group which allows account recovery for those who forget/lose this data. I have a family account and can recovery my other family members accounts as a result. Which has proven useful for my parents :) AgileBits can't recover your account, if you lose access and have no recovery members who can perform that for you, the account is lost.
     
  21. Trey M macrumors 6502a

    Trey M

    Joined:
    Jul 25, 2011
    Location:
    USA
    #21
    I agree with what others have said; to Apple, the concept of a 'password' is counterintuitive and the odds of them releasing something along the lines of a standalone password management application (including touchbar functionality) are zero to none. I think their current iCloud Keychain implementation is as far as they'll go.

    That being said, 1Password is a fantastic application which is updated frequently and has a proven track record. As far as features of a password management application I can't imagine a better solution to what it seems you're looking for OP. And look at the customer service! ^^^
     
  22. Partron22 macrumors 68020

    Partron22

    Joined:
    Apr 13, 2011
    Location:
    Yes
    #22
    Apple's history with standalone Apps, other than System/Finder since 84' does not infuse me we confidence. The landscape is littered with no longer supported corpses.
     
  23. casperes1996 macrumors 68030

    casperes1996

    Joined:
    Jan 26, 2014
    Location:
    Horsens, Denmark
    #23

    Seems you've thought that one through, hehe. Well done, man. I appreciate you taking the time to answer my questions, but more importantly, I appreciate that you guys at AgileBits have taken the time to actually be thorough with this stuff.
     
  24. AGKyle macrumors 6502a

    Joined:
    Jun 10, 2012
    #24
    Thank you for asking questions! We wouldn't be where we are without our users. But importantly 1Password wouldn't be as secure as it is without users and non-users asking questions and making us think in new ways and pointing out ways we can improve.

    If we can ever help answer any questions for you in the future just reach out. You're welcome to ask for me specifically as well.
     
  25. techwarrior macrumors 6502a

    techwarrior

    Joined:
    Jul 30, 2009
    Location:
    Colorado
    #25
    My family has purchased several copies of 1Password, including iOS (Pro), Mac, PC. Originally I purchased the Mac client before it became available in the MAS, and I recall I upgraded to the MAS version for the iCloud sync option. I have also encouraged several family and friends to purchase the app, it has become a standard in my circles! PC users in our family have been using DropBox for their sync destination.

    Given the considerable investment we have already made in the apps, we are hesitant to move to a family account.
    • Will AgileBits continue to update the standalone clients, or will there be an end of road for the standalone clients as happened with v3 (actually, it still works with local sync as i recall)?
    • I glossed over the security paper because it focusses on Teams, is there a similar document covering the standalone clients or are the concepts similar?
    Thanks for jumping in on this forum, I use this product many times daily, and it is reassuring to see the dedication to security and transparency.
     

Share This Page