DropBox + PasswordSafe = Good ??

When I read Joel Spolsky’s post about DropBox combined with PasswordSafe I kind of fell from my chair. Apparently he was looking for a way to store his passwords in a safe way and be able to access them on any computer he uses. This is what he proposes:

  1. Install DropBox on all your computers. DropBox is a simple tool to synchronize a local folder to an Internet site. It will synchronize the contents of the folders so you’ll have your data, latest version, available on all your computers. Note that DropBox is secured by a username and password send over the Internet (using SSL of course, at least I hope it is).
  2. Install PasswordSafe on all your computers. This is an application that creates a database to store and generate passwords. It uses a password to encrypt the database. The usual algorithm is deployed: the password is used as input for a derived key function which is then used to encrypt the database. PasswordSafe can generate long and random passwords for you and helps you enter them into login forms.
  3. Store the PasswordSafe database in the DropBox folder.
  4. Password Nirvana!

Joel even suggests to go all the way and change your bank account password to something really hard (like 16 random characters) and store it in PasswordSafe.

Joel seems to think that this is really all safe since he is using long and hard passwords on websites (those 16 random PasswordSafe passwords) and the “derived key function” used to encrypt his PasswordSafe database. Well Joel … I don’t think so. This is a clear case of “security dependencies” or “weakest link” …

Let’s see what I need to do to get at Joel’s really long and hard to guess 16 character password for his bank account.

  1. I need to hack into his PasswordSafe database. In order to do that, I first need access to it …
  2. I need to hack into his DropBox account. Doing that requires the usual hacking of a username and password on a Internet site. With the DNS flaws and various Phishing techniques that is not even that hard these days. Not to mention that this is worth the effort, after all it will give me access to his bank account!
  3. Now that I have his PasswordSafe database, I need to decrypt it. I don’t care a single moment about the strength of the encryption algoritm nor do I care about the valueness of the derived key function. The only thing I need to know is his password. Since I have the database offline and there is no mechanism whatsoever to discourage a brute force guessing attack, this is purely a matter of time. The attack is even undetectable since it happens on my local infrastructure.

Whatever cool encryption and synchronisation mechanism this setup uses, eventually the entire security depends on just a username and password. Since he wanted to protect a password login in the first place (his bank account) I wonder what he actually achieved in terms of increased security.

My first idea would be to say that he has replaced password based security with … password based security. The only that has changed are some extra, but minor, hurdles to hack it all. But I would even go further. He ends up less secure since cracking his PasswordSafe opens up all his accounts for me, not just his bank account, and the overall attack is less detectable then if I would hack his bank account directly.

Addendum … this article discusses the same topic but using different examples:

To use an analogy (certain to spike my readership, even if only till the US political process spits out some other triviality to focus on) you can put lipstick on a pig, but all you’ll end up with is a cosmetically enhanced porker.

Similarly, you can plaster on the lipstick of strong authentication like Tammy Faye but, if you are smearing it onto a pig of an identity proofing procesess, you’ll still be eating the bacon of low assurance …