How We Built “Remember” Master Password in a Zero-Trust Architecture
In today’s digital world, managing user authentication for online services and applications is still proving to be a challenge. Traditionally, the login/password combo is used in a first request to authenticate the user, then the server sends back a cookie with a session token in order to authenticate the user in the next requests. This design requires storing a hash of the password in a database. It also means that the service can always access the user’s data on its server.
For services that handle very sensitive data, like Dashlane and other password managers, the situation can be different. They usually rely on what is commonly called “zero-knowledge” architecture. As a reminder, zero-knowledge architecture ensures users that their data cannot be accessed by services that store, process, or transmit it. A standard way of creating zero-knowledge architecture is to encrypt the data locally prior to sending it to the server with an encryption key—typically a derivative of the master password—that is never communicated to the server. Therefore, the server stores the encrypted data, but can’t decrypt it. This is a key component for ensuring the privacy and security of sensitive data such as passwords, PII, and payment information.
How do services securely store a “remembered” password?
Most of the services using a login/password to authenticate users propose to their users a “remember me” function for convenience. This option usually appears as a checkbox in a login form to enable remembering a user session and keeping the user authenticated for a limited period of time (e.g. 14 days) even in the event of their computer or browser shutting down or restarting. This is beneficial for users because it eliminates the need for reauthentication and decreases the number of steps a user must take to access an application. It’s also beneficial for businesses because it keeps users active and engaged for as long as possible.
Traditional services (non-zero-knowledge) usually implement this feature by storing the session token locally. This allows the user to reauthenticate himself, transparently, even in the event of a computer/browser restart.
For zero-knowledge based services, implementing a “remember me” function is more difficult. As the ciphering and deciphering of data happens locally using the user’s master password, storing a session token is not enough. Typically, zero-knowledge services implement “remember me” functionality by storing the user’s master password locally. On some platforms, this storage is handled by the OS’s secure storage capability—for example, Keychain on Apple devices, and DPAPI on Windows. Using secure data storage is critical in that context as it ensures that, unless the legitimate user is logged in to the OS, data can’t be retrieved.
However, there are cases where a zero-knowledge service runs in an environment that does not provide such secure storage capability. A browser extension, for instance, or a web application running in a browser. Modern browsers typically provide non-secure data storage, and data is stored in clear text on the hard drive. This type of storage would allow an attacker who has stolen a computer to retrieve stored data without prior authentication on the OS.
If a zero-knowledge service stored the master password of a user in non-secure data storage, the user would be exposed to significant risk. Should the user lose their device or have it stolen, an attacker or someone finding the device could easily retrieve the user’s master password.
How Dashlane used security innovation to solve the “remember me” problem in non-secure environments
When we launched our standalone extension at Dashlane, it was important for us to provide a minimal-risk solution that allows a user to keep their session opened or to resume it in the case their OS or browser restarted.
We designed a patent-pending solution that relies on a separation of responsibilities and a cryptographic exchange between client and servers. It consists of the addition of a secure layer based on a shared secret with the server, so that we can reduce the security gap between secure and-non secure storage.
A cryptographic key is used to cipher the master password stored in the non-secure data storage of the browser, and this key is only stored on Dashlane servers. When the OS or the browser is launched, this key is retrieved following a transparent authentication process and allows the user to decipher their data locally and resume their session. The key is then discarded by the servers after a certain period and can be manually discarded by the user in the event of a device being stolen or lost.
Thanks to that design, we can offer the convenience of a “remember me” feature in a non-secure environment while limiting the exposure for the user.