texnic Wrote:1. I have tried the password recovery using locally stored one-time password. After logging into the system, I was able to read all the secure notes, including those, for which "require password reprompt" was enabled. For a password with this option enabled, this doesn't work, it requires password reprompt indeed. Is it a bug with the notes?
2. On the other hand, if I am using the normal OTPs, in an internet cafe, I don't want to enter my master password. Should I enter another OTP when reprompted?
3. If my information is encrypted with my master password, how can it be that one-time passwords allow to decrypt it? This forum makes me think that you take the master password, split it into two parts, store one locally and another on your server. Is this correct?
4. Don't you think it makes sense to switch the OTP recovery off by default? I understand why you have created this function and find it rather useful, at least for "normal" users. I should also agree that the implementation, as far as I understand it, is smart indeed. But AES-256 is not the level of encryption for the normal users, it is a military grade algorithm. Therefore the rest of the system should be as robust. Encryption with a strong password with AES-256 is unbreakable. I don't think my email is as secure. Neither can I be sure my laptop won't be stolen. Then this OTP-based recovery becomes a typical backdoor! And false safety in action!
5. Finally, since the OTPs are 128 bit long, I think you are just saving 128 bits of the master password hash value on your servers and 128 bits locally. Right? If yes, then: Of course, it is impossible to do brute-force attack on your 128 bit since this would require impossible number of connections to your servers. BUT: if your own storage would be compromised, Eve would get my encrypted database and 50% of my master password. 128 bit encryption with AES is still very strong, but it is not AES-256 any more. Taking this into account, wouldn't it be more proper to make OTPs be 256 bit long?
texnic Wrote:Is this correct?
Then I don't understand how an OTP can be revoked. If you have sent me the OTP-encrypted master_password, and I have entered the OTP locally, someone key-logging on the local machine can save both values and decrypt the master_password later? You will not allow second authorization with the same OTP, but the person has already obtained the master password! Where am I wrong?
JoeSiegrist Wrote:Yes if your OTP is valid on the server and is used it's too late -- your key is now local too.
It's never a good idea to use a computer where you're concerned about what software is running on it, though the general risk of LastPass accounts being specifically targeted right now are quite low, it could grow in the future... Bring your laptop, use your smart phone...
After OTP has been used once, it can never be reused again.
texnic Wrote:Then, I should rather not use LastPass in the places that I don't trust (internet cafes etc.), right?
Users browsing this forum: Bing [Bot] and 29 guests