I've been using Dropbox/ownCloud + KeePassX/KeePassDroid for years now. Putting the password in is a manual step, but that also means I feel like being more in control. Very happy with the setup.
Speaking of security concerns, you might think twice before continuing to use OwnCloud as a part of your password vault solution. It's had critical security bugs in the past, and I'd wager more in the future.
Part of the value of a service like LastPass (not a fan personally, but for argument sake I think ths still holds for this issue) is that someone is (should be) always on duty to monitor the service for suspicious activity and be ready to respond to security issues in the code base. While you're in class or a meeting or a movie or asleep, they can already be locking ish down and implementing patches / fixes.
Yes, I'm aware of the Ubuntu/ownCloud repository mess, as I was also affected myself. I'm not too worried though -- it's a personal virtual server with a custom ownCloud endpoint, and the password file is encrypted anyway.
These are always a bit of a balancing act on what's good use of third-party services and what's worth handling yourself. Services hopefully have a competent team behind it monitoring it (not guaranteed though!), but at the same time provide a much more lucrative attack target. And in my case at least, in a completely different jurisdiction. Monthly feels, service continuity, learning aspect... There are lots of different points influencing the choices.
All awesome points. I host my own email on pretty much the same line of reasoning. The "more lucrative attack target" is a great point I hadn't factored in.
As someone with very little knowledge of encryption etc. please advise - how safe is dropbox? I would have guessed it would be a relatively frequent target for blackhats.
I would consider it not safe because it was on of the companies mentioned on the NSA slides.
You can still sync your Keepass(x) file with Dropbox if you have a good password (key file is recommended) on the database file.
Instead of Dropbox you can also use https://spideroak.com/
They have a really handy program which let you control a lot of things and they are a "zero knowledge" cloud provider, all your data is encrypted.
Snowden recommends them: http://www.theguardian.com/technology/2014/jul/17/edward-sno...
For $12 dollar a month you get 1 TB, which you can use as a safe off-site backup location.
Note that, while SpiderOak is arguably more secure than Dropbox, they rely on a hybrid security model wherein they still have your encryption key on their server, but encrypted with your local password. This matters because if your password is ever compromised, however briefly—say, by using the mobile app or the website, neither of which are supported in a secure manner (they make this very clear)—then all your data would be permanently compromised, with no way to rotate your keys and re-encrypt your data before someone gets access to it, short of blowing out your account. I get why things work this way, but still, yuck.
Also worth pointing out that neither Dropbox nor SpiderOak are fully open-source, so you are having to place some degree of 'blind trust' in either service. It is in their own best interests to have great security so that customers trust the product, but this cannot be verified by someone outside the company.
I would expect Dropbox to be rather safe (please use two-factor auth), though I did migrate to self-hosted ownCloud myself. Anyway, this is not even a crucial part, since the password file is obviously encrypted with a strong password. The unencrypted data never touches the disk.
Also, for the database file encryption I'm using AES256 with 10 million encryption rounds (configurable in the application), which hopefully slows down any brute force attempts even in case of a data breach.
Of course, all bets are off if your device itself is compromised, but that would be the case with any solution.
Applying AES multiple times/rounds doesn't yield anything. AES is not adaptive (like BCrypt) so the cost of brute-forcing doesn't increase incrementally with the number of rounds.
I'm not expert on encryption, so could you clarify this a bit? If the source data is encrypted multiple times, surely then decrypting needs the same number of passes to get the original?
Interesting. I assume that to mean that the inner decryption loop can be repeated over and over with just a minimal overhead when the same password is being used, compared to the whole process of choosing the next password and setting up the decryption process with that.
Anyway, the slowdown is noticeable on my devices with these applications (it's about one second on my laptop), but then again these obviously are not custom-built AES decrypters. This will have to do now.
Sounds like a valid approach for personal information. I wonder if there's such a solution that would let you "share" passwords with other people, like LastPass lets you do.