Good security practices require us to use different passwords for most or all of the websites and services we interact with. For accounts of any significance, those also need to be strong passwords of one form or another. But if you combine those two requirements (one password per site, most or all passwords are strong) then remembering all of your passwords requires an inhuman display of memory. Of course, when we need to perform inhuman tasks, we use software. And in this case, we use password stores and generators of various sorts. There are a lot of options for password managers out there, but if like us you prefer all of your security-sensitive code to be free, auditable software, then the choices are more limited.
Today, the team from a password manager startup called Mitro will be joining Twitter. As part of the deal, Mitro will be releasing the source to its client and server code under the GPL. We're very pleased to see this happening, and will be advising the Mitro team on how best to turn their startup's code into a sustainable free/open source software project.
Mitro is distinctive amongst free/open source password managers in that it's architected around cloud storage. For security, the online password databases are encrypted on the client with keys derived from your master password, so the storage providers only ever hold ciphertext; that also means the security of the stored data rests on the strength of your master password and on the key derivation being expensive to brute-force. For availability, the encrypted databases are mirrored across three cloud storage providers. With this design (documented here), passwords can be synchronized across all of your computers and devices with minimal effort. They can also be shared across teams and organizations. For those reasons, we're excited about the possibility that Mitro may turn into a valuable piece of infrastructure for the community.
Mitro has committed to funding continued operations of its servers until at least the end of 2014. If their code proves to be secure and popular with the community, we will be advising them on how to create a sustainable home for that infrastructure.
Mitro is already quite a mature and usable system. You can try it today and if you like it, tell your friends.[1]
Hacking on Mitro
Mitro will succeed if it has an enthusiastic userbase and developer community. Aside from trying out the software, there are lots of things you can do to contribute:
Report any problems — there is a new bug tracker on GitHub, so if you run into a bug or a website that doesn't work reliably, please let them know. You can also always tweet @MitroCo.
Review the code, fix bugs — Mitro is free and open source; if you know JavaScript or Java, you can improve it. Mitro has had some professional security auditing in the past, but if you're a security researcher, extra eyes looking for and reporting vulnerabilities are valuable.
Contribute documentation — Mitro has some limited documentation on GitHub. The Mitro team would welcome any contributions to help others use it effectively.
Update, 2014-07-31: revised post to link to Mitro's announcement, and clarify that while the Mitro team is joining Twitter, Mitro itself will continue as an independent corporation.
[1] For the time being, we don't recommend using the Android variant of Mitro. The Android app is likely to be vulnerable to password theft by malicious apps because of security problems that follow inherently from its use of the Android clipboard: any app on the device can read the system clipboard, so a password copied out of Mitro is exposed to every other installed app. We are presently researching ways to work around this problem.