[Discussion] Current implementation for local storage of managed and master passwords
I would like to ask how the application currently attempts to assure security for the user, in the case of an attack or theft of the device, against extraction of locally stored credentials, either the passwords managed by the system, or the master password used for their decryption.
The question is prompted by the observation that the application supports local storage of the master password, even without protection of the application by a PIN. Such an observation suggests that the application, at least in some cases, will store the master password without any security having been added, additional to that which protects the overall device and installed system.
It would be concerning if a PIN, even when assigned, were not being used to protect the master password as persisted on local storage.
The most apparent questions are as follows:
- In the case that the master password is stored locally, and the application is configured with a PIN, is the stored master password encrypted with the PIN?
- In either case, are the managed passwords encrypted by either the master password or the PIN?
As has been observed in other issues submitted, the application currently has no protection against brute-force attack on the PIN.
Ideally, both the master and managed passwords should be stored as encrypted, requiring for decryption the application PIN, if any is assigned. Further, to protect against brute force attacks, at least the master password should be expunged from the device after several successive failed attempts to unlock by entry of the PIN. After such precautionary purging, managed passwords should be inaccessible from the persistent storage device without circumventing string encryption.
All observations were made from the current release, version 1.0.10, running on LineageOS for MicroG 21.0.
Hello, and thank you for sharing your concerns. To answer your questions:
- The master password is encrypted as explained here: https://github.com/hegocre/NextcloudPasswords/issues/64#issuecomment-1854427718
- Yes, the local passwords are encrypted with your master password, same as on the server.
Let me know if you have any more questions!
Cheers!
Also, I forgot to mention: about the brute force protection, there can be no protection, since there is no submit button. The app only unlocks when the correct PIN is entered, and there is also no way of knowing its length. If I'm not mistaken, this is how the screen lock works on some android ROMs.
It best serves the interests of the user that, in the case of creating an application-specific PIN, it is used to protect cryptographically the stored master password, augmenting the protections available directly from the system.
Additionally, it seems most common, and for sound reasons, that applications limit the number of submissions, before locking access by PIN. Locking should include removal of the stored password, whether as plaintext or ciphered.
Finally, usability is severely impaired by PIN entry appearing upon every switch of foreground application, rather than the application remaining unlocked until the end of a timeout duration.
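The scheme the reporter asks for in this thread (the master password wrapped under a key derived from the application PIN, the managed passwords wrapped under the master password, and the wrapped master password purged after several consecutive failed PIN attempts) is sketched below as an added, illustrative example. It is not code from NextcloudPasswords; the class and function names, the attempt limit of 5, and the scrypt parameters are assumptions made for the example. It uses only the Python standard library, so the authenticated encryption is an HMAC-SHA256 keystream with an encrypt-then-MAC tag rather than AES-GCM; a real Android app would use AES-GCM with a Keystore-backed key instead. The failed-attempt counter is incremented inside the unlock routine itself, so it counts every full-length candidate PIN that is checked, regardless of how the UI triggers the check.

```python
"""Illustrative PIN-wrapped master password with wipe after repeated failures.
Added example, not the app's own code. Stdlib only; HMAC-CTR + HMAC tag is
used in place of AES-GCM purely to keep the example dependency-free."""
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed KDF parameters: 16 MiB scrypt, well within the 32 MiB default maxmem.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
NONCE_LEN, TAG_LEN = 16, 32


def derive_keys(secret: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive an encryption key and a MAC key from a PIN or password via scrypt."""
    km = hashlib.scrypt(secret.encode(), salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                        p=SCRYPT_P, dklen=64)
    return km[:32], km[32:]


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a PRF keystream (stand-in for AES-CTR)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> Optional[bytes]:
    """Verify the tag in constant time, then decrypt. None on any failure."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def seal_with_password(password: str, salt: bytes, plaintext: bytes) -> bytes:
    """Wrap a managed password under the master password (assumed layout)."""
    return seal(*derive_keys(password, salt), plaintext)


def open_with_password(password: str, salt: bytes, blob: bytes) -> Optional[bytes]:
    return open_sealed(*derive_keys(password, salt), blob)


class PinVault:
    """Holds the master password wrapped under the PIN; purges it after
    MAX_FAILURES consecutive wrong PINs (assumed limit)."""
    MAX_FAILURES = 5

    def __init__(self, pin: str, master_password: str) -> None:
        self.salt = os.urandom(16)
        enc_key, mac_key = derive_keys(pin, self.salt)
        self.wrapped_master: Optional[bytes] = seal(enc_key, mac_key, master_password.encode())
        self.failures = 0  # persisted alongside the blob in a real app

    def unlock(self, pin: str) -> Optional[str]:
        """Return the master password for the correct PIN, else None.
        Every checked candidate counts, whether or not a submit button exists."""
        if self.wrapped_master is None:
            return None  # already purged; only re-login can restore it
        enc_key, mac_key = derive_keys(pin, self.salt)
        plaintext = open_sealed(enc_key, mac_key, self.wrapped_master)
        if plaintext is None:
            self.failures += 1
            if self.failures >= self.MAX_FAILURES:
                self.wrapped_master = None  # expunge the wrapped master password
            return None
        self.failures = 0
        return plaintext.decode()


if __name__ == "__main__":
    # Constructed sample data for a stand-alone run.
    vault = PinVault("4821", "correct horse battery staple")
    print("wrong PIN:", vault.unlock("0000"))
    master = vault.unlock("4821")
    print("right PIN:", master)
    managed = seal_with_password(master, vault.salt, b"db-admin:hunter2")
    for _ in range(PinVault.MAX_FAILURES):
        vault.unlock("9999")
    print("after purge, right PIN:", vault.unlock("4821"))
    print("managed blob still needs the master password:",
          open_with_password("not the master", vault.salt, managed))
```

After the purge the managed-password blob is untouched on disk but can only be opened by re-deriving keys from the master password, which the device no longer holds; an attacker with the storage therefore has to attack the master password itself rather than a short PIN.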