We are using longer and more complex passwords to protect our accounts. Hence, keeping track of numerous password combinations has become a task on its own. That is why more and more people are turning to password managers. Be it a free open-source tool or a commercial security architecture, many of us are using them to store our sensitive data.
However, a password manager app, besides passwords, can contain additional data sources, emails, connections, online banking details, and even documents. This data is very appealing to computer forensics. Take a look at “The Potential Importance Of Information From Password Managers” article for further reference.
Passware has recently updated its Password Managers decryption option by adding the support for Mac version of Dashlane – The Best Password Manager for 2022, according to PC Mag. In general, Passware Kit supports six password managing applications: 1Password, KeePass, LastPass, Dashlane, macOS Keychain, and iOS Keychain (iTunes backup).
For the master password to reside in the app’s vault, there should be at least one successful login to the password manager on the target computer. Given this, the vault can be exported and analyzed by Passware Kit. Broadly speaking, the software recovers the master password of the application using a brute-force method with GPU acceleration where possible and afterwards extracts the contained passwords and other records.
Let’s take a closer look into the password managers, their versions, and how difficult it is to break into them.
1Password
1Password is one of the most secure and widely used commercial password managers developed for all popular platforms: Windows, Linux, macOS, iOS, and Android. Passware Kit supports all versions of 1Password including v8 for all the platforms, with some limitations.* Besides the GPU-accelerated brute-force recovery of a master password, Passware Kit is also capable of acquiring it from a live memory image for the standalone 1Password for Mac. In some cases, Passware Kit Mobile can decrypt a 1Password database instantly.
In December 2012, AgileBits introduced the OPVault format to replace the outdated Agile Keychain format. The OPVault is now the default format for syncing with iCloud and Dropbox. Passware Kit supports both OPVault and Agile Keychain vaults, as well as the Online database format used in the browser versions of 1Password.
The recovery speed on an AMD Radeon RX 6900 XT is 770,000 passwords per second for Agile Keychain and 30,000 passwords per second for OPVault.
A 1Password vault can contain multiple accounts with different encryption types, and Passware Kit is capable of handling them one by one.
If syncing with Dropbox or iCloud is enabled, 1Password stores its vaults inside the Dropbox and iTunes/iCloud backups correspondingly.
KeePass
KeePass Password Safe is a free and open-source password manager primarily for Windows. Being a handy freebie, it is widely used by small office and home users all over the world.
The location of a KeePass vault (*.KDB for v.1.x and *.KDBX for v.2.x) is specified by the user, so it might be helpful to use the “Find Encrypted Files” option in the Passware Kit to locate this file.
Passware Kit recovers master passwords for the vaults and subsequently extracts user credentials and passwords from them.
Starting from 2023 v3, Passware Kit supports KeePass Professional 2.x databases encrypted using key files. The decryption is possible for databases protected with both password and key files or key files only. In addition to the password recovery, Passware Kit detects the key files with the *.keyx extension on a computer under investigation.
Also, Passware Kit 2023 v3 and higher versions support the KDBX v4 format of KeePass Password Safe databases, which can use the ChaCha20 encryption algorithm.
The GPU acceleration on both NVIDIA and AMD is supported for all versions of KeePass, with the exception of databases encrypted using the Argon2 key derivation function. It reaches up to 30,000 passwords per second on NVIDIA RTX 4070 Ti for a database with a single key file and 435,000 passwords per second for KeePass v.2 without key files.
LastPass
LastPass is a freemium password manager that stores encrypted passwords online. It is available as an extension to web browsers, including Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Edge, Vivaldi, and Opera.
LastPass requires quite a strong master password to be set:
Provided that the average recovery speed for LastPass is 37,000 passwords per second on AMD, this password manager can be considered as one of the most secure ones.
Passware Kit saves the extracted credentials in a CSV file.
Dashlane
Dashlane states that it is “designed for a safer life online”. It is the PC Mag Editors’ Choice winner as the best password manager for 2022. It is supported on the main desktop and mobile platforms: Windows 10, MacOS, iOS, and Android, and all major browsers: Safari, Edge, Chrome, and Firefox.
Passware Kit supports both Desktop and Browser Extension versions of Dashlane. Depending on the encryption algorithm, it can utilize GPU to accelerate the password recovery. Passware Kit Mobile (starting from the upcoming version 2022 v4) is capable of extracting records from iOS and Android versions of Dashlane. The table below summarizes the supported versions and encryption types.
Version | OS | Encryption type | Password recovery or decryption method |
---|---|---|---|
Dashlane Desktop, Dashlane Extension Chromium browsers | Windows | Argon2d | Brute-force, no GPU |
PBKDF2, SHA1 PBKDF2, SHA256 | Brute-force, GPU | ||
Dashlane Desktop, Dashlane Extension Chromium browsers, Dashlane Extension Safari browsers | macOS | Argon2d | Brute-force, no GPU |
PBKDF2, SHA1 PBKDF2, SHA256 | Brute-force, GPU | ||
Dashlane Mobile | iOS | Argon2d | Brute-force, no GPU / Instant decryption |
PBKDF2, SHA1 PBKDF2, SHA256 | Brute-force, GPU / Instant decryption | ||
Dashlane Mobile | Android | Argon2d | Brute-force, no GPU |
PBKDF2, SHA1 PBKDF2, SHA256 | Brute-force, GPU |
A Dashlane vault can contain multiple accounts with different encryption types. Passware Kit displays them all and offers to choose one for decryption.
Hardware acceleration is only supported for accounts without the Argon2d key derivation function.
As a result, Passware Kit recovers the master passwords and extracts the contained credentials. Additionally, it can save the unrecognized extracted data in .json files.
macOS Keychain
Keychain is the built-in password management database in macOS and iOS that securely stores account names, passwords, private keys, certificates, sensitive application data, payment data, and notes. These records are dynamically linked to users’ particular login passwords so that when they log on to a Mac device, all of their various accounts and passwords are made available to the operating system and select applications.
There are three types of Mac Keychains: Login Keychain, System Keychain, and Local Items (iCloud) Keychain. Passware Kit supports them all. Refer to our “A Deep Dive into Apple Keychain Decryption” article for more information.
The password recovery process for a Login Keychain can be accelerated by using GPU, reaching speeds of up to 1,200,000 passwords per second on an AMD 6900 XT.
iOS Keychain (iTunes backup)
Apple stores iPhone, iPad, and iPod backups in an iTunes backup file on both Windows and Mac devices. An iTunes backup typically consists of multiple files and folders, however Passware Kit only needs a Manifest.plist file to initiate a password recovery for the backup.
Using the iTunes backup folder and recovered password, iOS Keychain option can be used to instantly extract keychain entities and passwords in .CSV format for further analysis.
Summary
We hope you found this quick analysis useful. Password managers are supported in the Standard Plus, Business, and Forensic editions of Passware Kit. Mobile versions of password managers and decryption of iOS Keychain are supported in Passware Kit Mobile only.
The table below summarizes the versions and encryption algorithms of the password managers that Passware Kit supports.
Password Manager | Version/OS | File Type | Encryption | GPU Support | Maximum Recovery Speed on AMD (p/s) |
---|---|---|---|---|---|
1Password | macOS, Windows (incl. OPVault),iOS, Android* | JS, SQLite | PBKDF2-HMAC-SHA256 PBKDF2-HMAC-SHA1, PBKDF2-HMAC-SHA512 | Yes | 771,000 / Instant memory analysis |
LastPass | Browser Extension: Chromium-based, IE, Safari | SQLite | AES-256, PBKDF2 SHA-256, salted hashes | Yes | 26,800 |
Dashlane | macOS, Windows, Browser Extension, iOS, Android | AES | AES-256, PBKDF2-SHA2, AES CBC-HMAC, Argon2d | Yes/No | 233,000 |
KeePass | Windows, macOS | KDB, KDBX | AES-256, ChaCha20, AES-KDF, Argon2/Argon2d | Yes/No | 435,000 |
macOS Keychain | macOS | login.Keychain, System.Keychain, SystemKey, user.kb | N/A | Yes | 1,200,000 |
* Limitations of 1Password support:
- iOS and Android versions up to v7 are supported by Passware Kit Mobile only
- For 1Password 7 for macOS, Passware Kit supports the OPVault format only. The Linux version of 1Password 7 is not supported.
Looking at the password recovery performance and the complexity of password settings required for each application, we can conclude that LastPass is the most secure password manager in terms of breaking its master password. In any case, using GPU clusters combined with distributed computing (supported in Passware Kit Business and Forensic editions), increases the chances of breaking into the suspect’s password manager and extracting all his credentials, building a good source for further forensic research.
Learn more about breaking into the password managers on the Passware Knowledge Base.