New Vulnerabilities Found in Top Password Managers
New research by Independent Security Evaluators (ISE) has found serious flaws in the top password managers 1Password, Dashlane, KeePass and LastPass, which render the products about as secure as text files containing passwords.
ISE CEO Stephen Bono stated that “100 percent of the products that ISE analyzed failed to provide the security to safeguard a user’s passwords as advertised.” The products, which are used by 60 million individual users and 93,000 businesses accross the globe, “provide some utility for storing login/passwords and limit password reuse,” according to the research. However, they are “a vulnerable target for the mass collection of this data through malicious hacking campaigns.”
The findings are rather striking, as password managers are consider one of the key solutions to the prevalence of poor password security practices among individual users and employees, such as saving passwords in text files, writing them down on paper and reusing the same password for multiple accounts.