Troy Hunt also maintains a list of pwned passwords (https://haveibeenpwned.com/Passwords
), it would be nice for the LastPass app to check the passwords against that list. This in would have to be done in app on clients to ensure passwords are not in cleartext at any point on LastPass infrastructure. There is an API which can query passwords which would make the development of the feature much quicker (https://haveibeenpwned.com/API/v2#Searc ... ByPassword
). After a quick read some concerns would be:
The security issues with sending a password over the internet for a query - this is addressed by using HTTPS in the API as well as using only the SHA-1 hash of the password instead of sending the cleartext password across. (Passwords sent across the line would be hashed, then encrypted making MITM attackers, even with full SSL inspection, unable to see cleartext passwords) This still generates a risk of pass the hash, however it would require full SSL inspection and the password would still need to be brute forced. That being said, if an attacker had full SSL inspection running and could see the SHA-1 hash, and the response that it is in the list, they would then have the hash and a dictionary which is known to contain the password making it trivial to break. This can be mostly mitigated by only including that during password creation/changing this would give the user the chance to choose a different password before the password is set. Keep in mind this assuming an attacker who is in a postiion to do much, much, much greater damage, so this query should be the least of the worries, but this implementation would be good defense-in-depth practices.
The other concern is the rate limiting of one request every 1500 miliseconds (1.5 seconds) from a single IP address. This would be addresses again by doing it client side so each request would come from a unique IP. It would just need to set the a timer on the request to ensure it isn't made too quickly. As people tend to take more 1.5 seconds to think up and type a new password, I would not expect this to be a major issue. Additionally, to help ensure requests aren't made with every keystroke, the strengh could be calculated only when a button is clicked. Doing this would also give the user the opprotunity to choose to send the hash over the network.