๐Ÿ‘คsyck๐Ÿ•‘4y๐Ÿ”ผ263๐Ÿ—จ๏ธ119

(Replying to PARENT post)

> It means every instance of Kaspersky Password Manager in the world will generate the exact same password at a given second.

Whoa. That's just ... Wow.

๐Ÿ‘คverytrivial๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

I feel like the discussion about uniform password generation and PRNG, while interesting, is relatively irrelevant here. Even a garbo xorshift-based non uniform PRNG is almost certainly good enough to generate strong random passwords, as long as it's seeded correctly. An attacker is unlikely to gather enough output (generated passwords) to predict other ones, and the passwords are unlikely to be all generated within the same session so the PRNG state probably wouldn't carry over anyway. It's shoddy craftsmanship for sure and it doesn't inspire confidence in the product, but I'm not sure that it could be meaningfully exploited on its own.

Seeding with the current time is the real sin here.

๐Ÿ‘คsimias๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Ok, we know that Math.random() is bad, and they recommend using window.crypto.getRandomValues(). But the docs for getRandomValues() raise concerns too:

- getRandomValues() is not guaranteed to be running in a secure context.

- There is no minimum degree of entropy mandated by the Web Cryptography specification

- User agents are instead urged to provide the best entropy they can when generating random numbers, using a well-defined, efficient pseudorandom number generator built into the user agent itself, but seeded with values taken from an external source of pseudorandom numbers, such as a platform-specific random number function, the Unix /dev/urandom device, or other source of random or pseudorandom data.

From https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getR...

Is there a better solution?

๐Ÿ‘คTempest1981๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

>All the passwords it created could be bruteforced in seconds

Can somebody please correct me if I'm wrong, but to bruteforce a password attackers need offline access to the stored passwords data and I'm assuming it mustn't be stored in a proper encrypted way

why should the onus be on the end client/ user to use 'crazy' lenght and complex passwords(I'm excluding stupidily simple passwords such as 123456 etc..)

surely a well design vault/ safe for the passwords and a restricted client logon system would stop all/ most attackers

๐Ÿ‘ค123pie123๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Ledger is the company that kept for no good reason, and did not secure database of names, phone numbers and home addresses of their customers putting them at risk of robbery.

Iโ€™m on that list and Iโ€™m scared.

๐Ÿ‘คwhatsapps2020๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

The STL did a bunch of work to move away from rand() to mt19937. Like deprecating std::random_shuffle in C++ 14.

But good to note that mt19937 is still not cryptographically secure.

๐Ÿ‘คTempest1981๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Also there are always FSB agents sitting in Kaspersky office. Let that sink in.
๐Ÿ‘คegze๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

In the context of previous allegations about Kaspersky and Russian intelligence, there's some chance these errors were intentionally introduced.

https://en.wikipedia.org/wiki/Kaspersky_bans_and_allegations...

๐Ÿ‘คDevX101๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

> After a bit less than two years, this vulnerability has been patched on all versions of KPM. Vulnerability has been assigned CVE-2020-27020.

Pretty terrible bug to be unpatched and presumably uncommunicated for 2 years. Ouch.

๐Ÿ‘คmcintyre1994๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

get your dice keys. https://dicekeys.com/
๐Ÿ‘คwaynesonfire๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Getting some DUAL_EC prng vibes.

Insert Kaspersky owned by Russia intelligence conspiracy here...

๐Ÿ‘คjfktkrkfk๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

ledger, hmm...is that the same ledger that got hacked and leaked personal user info related to crypto wallets :D
๐Ÿ‘คmouzogu๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

same password != same password. Ignore this message just tryna git 2 karma.
๐Ÿ‘คacidburnz๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

I use Bitwarden and it's open source. Switched over from LastPass and haven't regretted it since
๐Ÿ‘คpropwash๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

Kaspersky works for KGB, that was the main reason to avoid.
๐Ÿ‘คjustshowpost๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

The title is misleading. Yes, the passes are generated using a crappy and predictable seed value, but the passes are stored in a vault, and good luck breaking into that vault providing you use a strong master password, like a six-word diceware passphrase.
๐Ÿ‘คsysadm1n๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0

(Replying to PARENT post)

To me, using a Password Manager puts you at risk, no matter which one you use. I cannot speak to windows, but on Linux, I use a encrypted text file via emacs. And to generate passwords:

tr -cd "[:alnum:]" < /dev/urandom | fold -w 20 | sed 10q

And a real TL;DR:

Upgrade your Kaspersky Password Manager

๐Ÿ‘คjmclnx๐Ÿ•‘4y๐Ÿ”ผ0๐Ÿ—จ๏ธ0