Topic: LastPass 1Password Security Crypto Challenge + Bounty (Read 249 times)

No, I was not thinking about using Ballet Crypto cards this way, but rather to use their method of creating private keys or seed phrases that no one has full access to. I do not know if this is possible with online storage in a safe and trustworthy manner since they use physical cards.

Nobody said that you should create multisig setup like that.
Something like 2 of 2 (or even 3 of 3) would work very good and you would need all parties to sign transaction in this case.
Now off course there is a risk in case other party (or parties) refuse to do that or if they lose access to their wallet and backup, than coins are lost forever.
But you are right, some mutual trust is needed for this to work... it's still better than in fiat system that you need to trust 100%  

That would be very easy to avoid with simple usage of p2p trading, mixers, decentralized exchanges, centralized exchanges without strict kyc.

You could prove that you made withdrawal if you add some personal information or id number known only to you in bitcoin transaction, that you can prove later.
It would be a terrible idea for privacy to know ID's of everyone addresses and who exactly made withdrawals.

But you would need to trust Ballet claims to do what they say, you would also have to trust all manufacturing process, and they are third party in this case.
There are similar paper note wallets that work in similar way, but I don't have control over anything in both examples.
In case of multisig at least I have partial control.

I think that's kind of the point. Cryptocurrencies do have some advantages of being pseudo-anonymous. I wouldn't like to see that change.


This does not always have to be the case. You can look into the Two-Factor Key Generation (2FKG) process used by Ballet company to create their physical Ballet Crypto cards. A private key is generated in two physically separate locations without either having access to the complete key before it is permanently written on the physical card and protected from tampering. I don't know if something similar can be applied online.

I thought about multisig, but I don't think it will really solve the problem. (Also not 100% sure but I think I can still add multisig even now if I wanted to, just need the public keys of the other signers)

Suppose I multisig 3 users together and then it takes say 2 of the 3 of us to withdraw the funds...then one day someone like Elon Musk drops $1,000,000 bitcoin.

It's going to be awful tempting for those 3 users to simply get together withdraw the funds and split it between the 3 of them.

Similar problem with smart contracts, I could do some type of script/contract then the funds are released when say a specific message is signed  with the private key, but again, if the bounty is high enough, can still work around it, setup a second wallet and 'impersonate' being someone else.

Technically once someone tries to convert the coin to fiat, that last transaction will have a real person associated to it, and the company, coinbase or whatever will know who that was, but it could have passed through hundreds of transactions before that.

It seems that while bitcoin provides transparency, and while I can 'prove' that I own a particular address, there is no way to 'prove' who made the withdrawal.

No matter what way I think of it, there still seems to be a need to have a 3rd party 'trust'

I fear Cory Doctorow might be right in his recent blog article -  https://onezero.medium.com/the-inevitability-of-trusted-third-parties-a51cbcffc4e2

I think it's to late for that now, and people just have to trust that you won't withdraw coins yourself.
One potential way would be to create some multisig setup so that nobody would have full control over keys/coins, or splitting seed words with shamir backup scheme.
Maybe there was a way to create simple script for unlocking coins with some terms but I don't know how to do this.

No, as far as I know that is impossible to know.
You could always time limit this challenge and create new from scratch doing it in some better way like I suggested before, but think who would you add and trust as other parties in multisig.

Using multiple files as key file is overkill and i doubt anyone will successfully crack it (at least not in distant future or very big cost). I expect most KeePassXC user only use password or/and single key file with default encryption configuration.

A good point! - Although I have no intention of touching the bounties in any way


I am open to ideas/suggestions on how I could 'prove' I cannot withdraw things myself?

I could for example claim that I destroyed my copies, but is there a foolproof way of proving somehow a withdrawal doesn't come from me later?

Due to the fact that you still have all the private keys and passwords and the funds are readily available to you, it will be interesting to see if anyone else will be willing to contribute to the bounty. 

Alternatively you could find service which you could trust or use self-hosted/offline software since there's risk you could forget how you add extra letter.


If 6 security breach can't shut down LastPass business, it's very unlikely this thread could make it happen.

The purpose of the keyfile is to 'simulate' what I hope a large security company would do when storing my data. ie: they would have a 'vault' of some sort with a 'master key' that all of their  encrypted dat for users is stored in above and beyond my storage itself.

Hindsight being 20/20 -- I should have used the keyfile on the truecrypt container, to better simulate the idea, but oh well.

KeePassXC is truly amazing, you can use it on all possible operating systems, it can work fully portable or as appimage for linux, and there are nice browser extension to improve it.
Browser extension is made by KeePassXC Team and it works great in both Firefox and chromium browsers and all their forks.
Note that it's better to keep TOTP Authenticator secrets in separate database from password.

Unless user mistake is made with somebody finding their backup keys, I doubt this will ever be broken and hacked, unless some major quantum change happens in future.

Maybe you should post this challenge in social media like twitter to have more attention, if you didn't already do that.
I would tag all three accounts for KeePass, lastpass and 1password, and maybe few bitcoiners and hackers like Kingpin aka Joe Grand.

Update 1 : Well as of today both wallet balances remain fully intact.

Update 2 : The receive QRCode/ addressees above for 1password and lastpass were reversed so I fixed it

Update 3 : KeePassXC Bounty added

Several people have recommended KeePassXC - Thanks - I have started using it and it is amazing. In addition to just storing passwords, it also does TOTP (Authenticator) and automatically pushes keys to an SSH-Agent.  

So, in that same spirit I created a new bounty for KeePassXC.

To simulate the 'secure online storage' I have put a KeePassXC wallet on dropbox. The login of the dropbox account is



The password of the dropbox is of the same size, and special characters as the 1password and Lastpass.

In addition, the keypass database is protected with a master keyfile. The keyfile is made up of up to 5 key####.dat all of which are also within the dropbox.  A specific order of the .dat files must be combined to make the master key, and not all of the keyfiles may (or may not be used).

For those who do not wish to attempt to 'hack' dropbox itself you can also grab the jpg image at this torrent - https://archive.org/download/keypass-bounty/keypass-bounty_archive.torrent

Inside that jpg image is a zip file, inside that zipfile is a Truecrypt container (keypass-bounty.img).  The password for the container was created from the GRC Perfect passwords - https://www.grc.com/passwords.htm  - 63 random printable ASCII characters:

Once the truecrypt volume is successfully accessed. The same Keypass database,password and 5 master key files exist as in the dropbox.

Inside the KeePass is 2 recovery phrases - one for a BTC Wallet, one for a BCH (Bitcoin cash) Wallet, and a $20 voucher to tryhackme.com

Unfortunately - I did not have as much bitcoin for this one, you can donate more through this QR Code



Note: If the 1password bounty is not successfully accessed within 1 year (Jan 2023), I will transfer the contents of  that bounty into the KeePassXC bounty (because i don't want to kee paying yearly for a 1password system I am not using)

The bounty balance (BTC) Can be found here : https://www.blockchain.com/btc/address/1ESYzsQzNQHXXpstzMiQB625Aptd7ZMgq4

The bounty balance (BCH) Can be found here: https://www.blockchain.com/bch/address/qpd8x8gu9tuhqqsvg6ft6e43e5h7gl3kgq9ete0sut

Good Luck!


I think this challenge will get very interesting as the price increases for all of these crypto's over the next couple of months  

This is very interesting I'm using Lastpass on some websites I am fully aware of its past issues, they are fixing it and enhancing the security to retain their market shares, they are targeting those who are not tech-savvy because it's very easy to use these password managers.

I don't trust Lastpass so I make it a point to create a confusing password every time I create an account and use a password using LastPass I edited the real password by adding the first and last letter of the site and my favorite set of numbers, so the one showing in the LastPass fill form is very much different from the real password.

We'll see if there's progress on this thread and if this thread can shut down lastpass or 1password business.

Rationally, why you insist using LastPass when similar service (1Password and Bitwarden) have fewer security brenach?


Relevant discussion, https://security.stackexchange.com/q/257795.

Or I could just use something that is open source and works great like KeePass for example, and I can use it for free forever 
But I do appreciate your idea and bounty, so let us know if someone manages to crack it.

Yep I agree, that is why I included QR codes for both bounties, anyone who wants can send to those addresses and increase the bounty.

Presently (and ironically be design), if you win the initial bounties you could use it to pay for a 1 year subscription to each service :-)

Since nobody tells about it, I will. OP, you may want to also take a look/consider Bitwarden. It's free, it's encrypted, its source code is on git. (https://bitwarden.com/, https://github.com/bitwarden)
I think that it even had a review here on bitcointalk, but I cannot find it.
It was recommended here: Do you use a Password Manager? Which one is better?

This is not a bad idea, but it would be much better if you offered bigger Bitcoin rewards, that way you would attract more attention and give more incentive and motivation to hackers.

It will take less time, more money you offer on this addresses.
Maybe you can send more coins each month to keep interest alive.
I recently saw interview and video by Joe Grand aka Kingpin who hacked Trezor wallet, so maybe you should contact him and heard his opinion about this.

I would not suggest using any of this for keeping your password, even if they can work fine for most people. both LastPass and 1password have their own flaws.
Best thing you can use today for your passwords is probably open source software KeePass.

Why keeping pass online at all? I would not keep any sensitive data online even in a vault.
Instead of those online services I prefer to use an open source and free software like KeePass.
It's the same master password weak spot as all those other managers out there but I would trust it more as it's offline.
Why would you choose to pay for an insecure online service at all?

It's more about likelihood and trust in the service - then anything else.

All systems can be hacked, all data online can be stolen, but if the data is encrypted by the service provider using a complex password that only I know, then the time it takes to crack becomes technically unfeasible in a brute force attack (given a sufficient security model)

Neither service should have any knowledge of the master password, both services claim they have no knowledge of the master password. Therefore, if the information is stolen it is because of something I did wrong on my end that gave up the password (eg: phishing etc.)

Yep LastPass has been breached, and perhaps even copies of people's encrypted vaults stolen. Perhaps even some of those were stolen in 2005 such that 16 years later brute force was able to identify at least some of the users who had weak passwords.

It is my assertion that the time it would take to access the accounts created above would take more then my remaining lifetime on earth before the data can be accessed. If I am correct then LastPass/1password is providing the correct transparency and security as stated on the website/terms of service.

If I am incorrect, well then, I guess we shall see.

The question remains just how long will it take for someone to find out the keys

1 day
2 weeks
4 months?
1 year?
10 years?
100 years?

My personal bet is somewhere in the 70+ year range, though who knows what will happen in the next 70 years :-)