Index ¦ Archives ¦ Atom

My dream password manager

A few weeks ago I wrote about KeePassX and while I'm very happy and it ticks nearly all the boxes the one feature that's missing and unfortunately would probably require a complete redesign is multi user support.

It would be great to be able to share passwords to some users but without sharing the whole KeePass file1.

I have this idea in my mind of a password manager that stores each users private key AES encrypted in the same way that GPG does when you export your private key. Then each password and any attachments can be AES encrypted, and have the AES encryption key encrypted with each users public key. Again this is the same way GPG works when you send a 3MB file to 10 people you don't end up with a 30MB file, you have a 3MB file AES encrypted, then each recipient gets a copy of the AES key encrypted with their public key.

The idea is that you could have a database file (SQLite for example) and it wouldn't matter if someone had a copy of the whole file, they could only access things they could decrypt. From their you could have groups, so you could share these passwords with all staff in finance, and these ones with HR, and so on.

You could make this use a real database with a client server model, the database side could offer server side security2 and not hand out the encrypted passwords to people who were not authorised but even if it got compromised and someone got the whole database it would still be secure3.

I guess what I'd effectively be inventing is a self hosted version of LastPass and that's really what I'd like, secure multi-user password storage that is not hosted off "In the Cloud".

EDIT To Add: After I wrote this but before I published it I came across Tim White's Team Password Safe. I haven't looked at it in too much detail but it looks like it will do more or less what I'd like.

  1. In a perfect world we wouldn't have to share credentials, there would be one account per user and each user would have the permissions to do the work they need to do. But this is not a perfect world, often devices like Wireless Access Points and Photocopiers only have one password and no concept of different accounts. And many business websites do not allow for multiple accounts to manage one organisation, so sharing passwords is unfortunately inevitable. 

  2. Becasue Defense in depth is a good thing. 

  3. Or as secure as the weakest password for a key that has access to a given password. 

Creative Commons License
Content on this site is licensed under a Creative Commons Attribution 4.0 International License.
Built using Pelican. Based on a theme by Giulio Fidente on github.