I think it will be useful for everyone.
Thank you for your feedback Konstantin. Currently, we don't have any plans to implement Google Drive syncing, since we have our own cloud storage system called mSecure Cloud. The data stored in the cloud is secured in the same way regardless of what cloud system you use, so we're not sure at this time what the advantage to storing your data in Google Drive would be. Can you let me know why that would be helpful in your case? What advantage do you see it providing?
I am afraid that after the appearance of v6, mSecure Cloud synchronization in v5 will stop working.
I'm not exactly sure what you mean here, but when v6 is released, it will install over the top of mSecure 5 if the app is upgraded. If for some reason, mSecure 5 is not upgraded, then mSecure Cloud syncing will continue to work as it always has, so you won't have any need for syncing using a different cloud system.
Idea of sync/backup through google drive (or smth else) is to have the end user take responsibility over securing the sync transport.
With the recent hacks on other password managers, it's expected users begin to question how safe cloud sync'ing really is.
Thank you for contacting us and for your feedback. With regards to the LastPass breach, and other breaches that have taken place with password manager cloud systems, there is one specific problem that can cause big security issues for their customers. The issue is how the data stored in their cloud is encrypted. Below, I'm going to compare and contrast their security model and ours in a very brief overview.
Before I do that, however, I'll address your question about adding Google Drive for cloud syncing. At this time, we don't have plans to do that, and hopefully it will be more clear as to why by the end of my response. Even though we're not planning on adding Google Drive syncing, I did want to let you know you can use Dropbox syncing already if you prefer. It's a third party cloud platform, like Google Drive, so if you are more comfortable storing your data in a free Dropbox account, then please feel free to do so.
Now onto talking about LastPass and mSecure. While I'm not entirely sure how data is stored in LastPass, from what I've read, one of the big problems is the data stored in their cloud system was only encrypted with the user's account password. Now I say this admitting I'm not familiar with their entire security model. I only know very little about that app based on some articles I have read. If indeed the user's data was encrypted with only the user's account password, that could cause many problems for people with weak account passwords. If the data stored is encrypted with a weak password, which many people use for their accounts, that data can be cracked within seconds using a brute force attack by a hacker who knows what they're doing. That would mean that any user's data stored in LastPass' server that is encrypted with a weak password would be incredibly easy to access. And this is the main difference with mSecure's security model, which you can read about here: mSecure’s Security Model - Secure by design
The short explanation of the article linked above is that the data stored in mSecure, both locally and in the cloud, is not secured with your account password. Instead, every account has what is known as an account key, which is a very long and totally random key. This key is used to encrypt your data and is never stored in your mSecure account or anywhere in our system. This, like LastPass claims for their system, is a "Zero Knowledge" architecture. In other words, we do not have the information to get access to any of the data stored in the mSecure Cloud, or anywhere else for that matter. The only one who has the information necessary to decrypt the data is the user who owns the account.
To guard against brute force attacks, rainbow tables, etc., the account key is random, incredibly strong and is not tied to the user's account password in any way. The account key is only delivered in an encrypted form when you first set up your account, so it is never sent in a readable, non-encrypted format.
To respond directly to the LastPass breach, our system was created so that even if the mSecure Cloud was hacked, the data stored in it is impervious to brute force attacks. Now if the mSecure Cloud were breached, we would notify all our users, but if the data was stolen, there is realistically no way it could ever be used, because the encryption is incredibly strong and not reliant on a password the user creates. Even with the fastest of computers, it would take millions of years to figure out the encryption key through brute force. Since the keys are random and computer generated, rainbow tables have no effect on the security. The only way to break through the encryption, which is provided by AES-256, is to simply guess at it again and again until the data is decrypted. There are simply no shortcuts to making the data stored in the mSecure Cloud readable. In the event a breach did happen, it is still a best practice for every user to change their account passwords, especially those related to very sensitive information like bank and credit card accounts, which is why we would notify our users that the breach took place. But in this situation, you can still be confident your data would be safe until you were able to change the passwords to those sensitive accounts.
That is very good to know. I moved from another password manager about a year ago because I found your model more robust while user friendly. Keep up the good work.
Thank you very much for the feedback! We're very excited about our current development plans, and we look forward to serving our customers for many years to come.
So the data is as secure as the encryption key is.
How is that encryption key managed: communicated, stored, etc?
The encryption key is sent to you via email, which is where things get a bit more tricky regarding this topic. To start, the encryption key is never at any time, either when you're creating your account or after it's been created and fully set up, stored on our servers. It is only stored in an encrypted form on your device. This means that the data stored in our system is encrypted with a very strong key that is never stored in the system itself. I hope that makes sense, but when talking about data security, it's important to make the distinction between data stored remotely in a cloud system like mSecure Cloud, and the data stored locally on each device. The data for any account using mSecure Cloud syncing is stored in mSecure Cloud and is encrypted with that account key, but that account key is never stored in mSecure Cloud. So nothing in mSecure Cloud can ever be used to decrypt the data that's stored inside it. If it were stolen, the thief would simply have a bunch of encrypted data that could not be decrypted through brute force in any reasonable amount of time. Based on the mathematical odds, it could be considered miraculous if the encryption were able to be cracked in as short as 100 years. The hacker would have to be lucky beyond imagination for that to happen.
There's more to be said about the management of the account key, however, but only for the data stored locally on your device(s). When you set up your account, the mSecure app (not the mSecure Cloud), knows what your account password is. So after setting up the account, that key is encrypted with your account password and sent to you via email. This is the QR code you receive after you create your account. It's the account key encrypted with your account password. So locally, the data is ultimately protected by the strength of your account password, because it is what is used to encrypt the account key. Theoretically, if a hacker were to steal one of your devices, and they were able to get access to it, and they were able to find your QR code, and you had a very weak account password, they would be able to hack the encryption on the encrypted account key to arrive at your account password. Once they know your password, and they have the account key, then they would be able to sign in to your account and access your information.
In the end, a security system has to weigh the cost of weak points. Data stored in a cloud system has to be strongly protected in case of a breach, which is why the system is a "Zero Knowledge" architecture. There is no knowledge contained in the cloud system that can aid someone in hacking the data it contains. There are no weak points in the mSecure Cloud. The weakest part of the system is local, and that's only if the user has a very weak account password, if the encrypted account key is stored on that device, and if their device is stolen by a hacker who knows what they're doing. This is why it's always best to have a strong but memorable password for your account. It doesn't help in the security of your data stored in mSecure Cloud, but it does help in the very rare case of a hacker getting access to your device.
The short answer to your question about account key management is: "The account key is only ever stored locally on each device, and the code is always encrypted with your account password."
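The key-management scheme described in the reply above (a random account key that is only ever stored wrapped under the account password), sketched as an added example that is not mSecure's code and is not part of the original thread. PBKDF2-HMAC-SHA256, the iteration count, the XOR-plus-HMAC wrap (a standard-library stand-in for a real key-wrap cipher), the guess rates and all function names are assumptions for illustration; the thread does not say which algorithms mSecure uses for this step.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 200_000  # assumed KDF cost; not taken from the thread


def _subkeys(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Derive a one-time pad and a MAC key from the account password."""
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    pad = hmac.new(kek, b"wrap", hashlib.sha256).digest()
    mac_key = hmac.new(kek, b"mac", hashlib.sha256).digest()
    return pad, mac_key


def wrap_account_key(account_key: bytes, password: str) -> bytes:
    """Return salt || wrapped key || tag: the blob a device (or QR code) holds."""
    salt = secrets.token_bytes(16)  # fresh salt, so the pad is never reused
    pad, mac_key = _subkeys(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(account_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return salt + wrapped + tag


def unwrap_account_key(blob: bytes, password: str) -> bytes:
    """Recover the account key; a wrong password fails the integrity check."""
    salt, wrapped, tag = blob[:16], blob[16:48], blob[48:]
    pad, mac_key = _subkeys(password, salt)
    expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or corrupted blob")
    return bytes(a ^ b for a, b in zip(wrapped, pad))


def years_to_exhaust(keyspace: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at an assumed guess rate."""
    return keyspace / guesses_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    account_key = secrets.token_bytes(32)  # random 256-bit key, as in the thread
    blob = wrap_account_key(account_key, "constructed-sample-passphrase")
    assert unwrap_account_key(blob, "constructed-sample-passphrase") == account_key
    # Cloud data depends on the 2**256 keyspace; the local blob depends on the
    # password's keyspace (here a constructed 6-lowercase-letter password).
    print("random key   :", years_to_exhaust(2**256, 1e12), "years")
    print("weak password:", years_to_exhaust(26**6, 1e4), "years")
```

The two printed figures put numbers on the distinction drawn in the reply: data protected only by the random key sits behind a 2^256 search space, while the wrapped blob on a device is bounded by the password's search space and the KDF cost.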
Thanks for the detailed explanations Mike!
No problem at all Catalin! Please let me know if you have any other questions.