Encrypting text file with AES 256 instead of password manager

Considering those compromises you mention, do you think that encrypting files yourself will be easy? How do you know you won't get into those same pitfalls that resulted in compromises of password managers?

AES 256 is believed to be computationally secure. Every computer ever made working simultaneously to brute force the key, working since the beginning of time, would have a probabilistically negligible chance of ever finding the key to an encryption.

However: a secure algorithm doesn't guarantee a secure implementation. Just to give you an example, here are a few questions you should ask yourself:

  • How are you going to ensure that two identical passwords in your list are not encrypted to identical AES ciphertext? (so that if the adversary knows one password, he'll know where it is reused)
  • Are you sure your decrypted password list cannot be reclaimed by a process allocating RAM after you have consulted your list?
  • Are you sure your decrypted password list will not end up in the swapfile?
  • What communication mechanisms will you use between the user providing the master password, the process decrypting the password list and the target application in need of one password?

Password managers are designed with those (and perhaps many others) concerns in mind. It's almost impossible to get everything right when doing it yourself the first time, especially if you're not a security expert.

You'd lose the ability to generate random passwords at the click of a button, which might mean you tend towards weaker passwords from the lack of convenience - one of the benefits of password manager apps, whether online or offline, is the generation of long random strings.

However, you would keep the security of the passwords being safe if you lost a copy of the file, assuming you use the encryption method correctly.

Depending on how you did it, you might introduce a new issue for shoulder-surfing - with most password managers, only the password you want to use is displayed. If your text file includes multiple passwords, you might expose them all when viewing a specific one. You could avoid that by having multiple files, or a single file with really big gaps in between passwords, I suppose.

You probably also don't get as much assurance that the decrypted data isn't written to disk - password manager apps tend to be very careful to keep decrypted passwords in memory, but you'd have to ensure your decryption handling does the same yourself.