[csacc]

Just throwing this out there but when signing up for sites while using Safari, Apple gives me the option of using a (Apple generated) random password that is stored to my keychain and synced to my iCloud account. This means both of my MacBooks, my iPhone, and my iPad all have access to these sites with no effort on my part (I never could remember my passwords) while also being random and secure(-ish?).

All that is needed is a service (Microsoft, Google, Apple, Facebook) that you trust as your password manager and is integrated either with the sites you browse or the browser you use.

Having read Apple's iOS security document (http://www.apple.com/ipad/business/docs/iOS_Security_Feb14.p...) I have just the right combination of convenience, ease of use, and feeling secure with their services to use keychain for most of my password needs.

[rst]

Awkward time to bring up iCloud as a potential SPOF for users' security. Apart from technical flaws in the service (and any cloud service is likely to have one eventually), cryptographer Matt Green (on his twitter feed) has pointed out that Apple chose some poor defaults, particularly the use of peoples' phone password as default for cloud storage. Quoth Matt, "Of course people pick terrible iCloud passwords. You can't enter a good password 50x per week on a mobile device. You'll go carpal." (In subsequent tweets, he acknowledges that password caching would help with this, but says he had to turn it off after his kids ran up a $200 bill.)

Of course, it's not clear that password brute-forcing was what led to the recent leaks of celebrity nude selfies, and not even complely clear that they came from iCloud (though a lot of clues point that way). But regardless, they do illustrate the risks of relying on cloud storage generally, regardless of who provides it.

[SomeCallMeTim]

Sorry, but there's no way I'd allow any cloud service to hold my password vault, and recommending it to end users seems like a colossally bad idea.

I'd want at least two layers of different encryption types (generated by distinct software) protecting any such file if it were to be stored in the cloud. That way if one software package or one encryption algorithm were compromised, there would at least be a chance the other layer would protect it.

So at the moment I put my vault on my laptop and copy it directly to my phone, but I don't copy it into the cloud, ever.

I might consider using something like SpiderOak [1] in conjunction with a Keepass encrypted container, for instance. But I haven't even done that.

[1] https://spideroak.com/