Archive for August, 2017

Attacking the 1Password Master Password Follow-Up

Friday, August 18th, 2017

We received some great feedback on the original article about attacking master passwords of several popular password managers. In one discussion, our benchmark numbers for 1Password were questioned. We had no choice but to re-run the benchmarks and publish an updated chart along with some technical details and explanations. We bring our apologies to AgileBits, the developers of 1Password, for letting the wrong number creep in to our benchmark. Can we still break into 1Password by attacking the master password? Please bear with us for up-to-date information and detailed technical discussion.

We must make one thing extremely clear: this time we did not “hack” anything. We are using good old brute force, enhanced with GPU acceleration, to attack the user’s plain-text master password protecting password managers’ encrypted databases. The four password managers were and still remain secure providing that the user opts for a strong master password. If a truly secure master password is used, it would not be possible to break it within reasonable timeframe.

(more…)

The Past and Future of iCloud Acquisition

Thursday, August 17th, 2017

In today’s world, everything is stored in the cloud. Your backups can be stored in the cloud. The “big brother” knows where you had lunch yesterday and how long you’ve been there. Your photos can back up to the cloud, as well as your calls and messages. Finally, your passwords are also stored online – at least if you don’t disable iCloud Keychain. Let’s follow the history of Apple iCloud, its most known hacks and our own forensic efforts.

The Timeline of iCloud and iOS Forensics

Our first iOS forensic product was released in February 2010. In 2010, we released what is known today as Elcomsoft Phone Breaker (we then called it “Elcomsoft Phone Password Breaker”). Back then, we were able to brute-force the password protecting encrypted iTunes-made iOS backups. At the time, this was it: you’ve got the password, and off you go. The tool did not actually decrypt the backup or displayed its content; it just recovered the password.

(more…)

One Password to Rule Them All: Breaking into 1Password, KeePass, LastPass and Dashlane

Thursday, August 10th, 2017

We’ve just updated Elcomsoft Distributed Password Recovery with the ability to break master passwords protecting encrypted vaults of the four popular password keepers: 1Password, KeePass, LastPass and Dashlane. In this article, we’ll talk about security of today’s password managers, and provide insight on what exactly we did and how to break in to encrypted vaults. (more…)

Breaking Passwords in the Cloud: Using Amazon P2 Instances

Tuesday, August 1st, 2017

Cloud services such as Amazon EC2 can quickly deliver additional computing power on demand. Amazon’s recent introduction of the a type of EC2 Compute Units made this proposition much more attractive than ever before. With Elcomsoft Distributed Password Recovery now supporting Amazon’s new P2 instances, each with up to 16 GPU units, users can get as much speed as they need the moment they need. In this article, we’ll discuss the benefits of using cloud compute units for password recovery, and provide a step-by-step guide on how to add virtual instances to Elcomsoft Distributed Password Recovery. (more…)