this post was submitted on 16 Feb 2026
259 points (90.3% liked)

Technology

81451 readers
4151 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
259
You probably can't trust your password manager if it's compromised (www.theregister.com)
submitted 2 days ago by floofloof@lemmy.ca to c/technology@lemmy.world
119 comments fedilink hide all child comments
 

cross-posted from: https://infosec.pub/post/42164102

Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…

you are viewing a single comment's thread
view the rest of the comments
[–] Auster@thebrainbin.org 356 points 2 days ago (4 children)

You probably can't trust anything if it's compromised

[–] floofloof@lemmy.ca 70 points 2 days ago* (last edited 2 days ago) (2 children)

Well the specific point here is that these companies claim that a server hack won't reveal your passwords since they're encrypted and decrypted on your local device so the server only sees the encrypted version. Apparently this isn't completely true.

[–] philpo@feddit.org 16 points 2 days ago

At the point someone pulls off a valid MIM attack - which is basically a requirement here unless the whole BW/Vaultwarden server gets compromised- that is the least of someones problems. MIMs are incredibily hard these days.

[–] Auli@lemmy.ca 2 points 2 days ago (1 children)

Well if you decrypt the blob on the server they can see it.

[–] Telorand@reddthat.com 5 points 2 days ago

There's something nice about the phrase "decrypt the blob."

[–] tal@lemmy.today 46 points 2 days ago (1 children)

Yeah, the title there really doesn't reflect the article text. It should be "you probably can't trust your password manager if the remote servers it uses are compromised".

[–] hummingbird@lemmy.world 4 points 2 days ago

That would be an understatement since all services claim your data is safe even in that case which is not true.

[–] Pratai@piefed.ca 24 points 2 days ago (1 children)

Are you trying to say the front fell off?

[–] wreckedcarzz@lemmy.world 13 points 2 days ago (1 children)

That's not very typical

[–] sunbeam60@feddit.uk 8 points 2 days ago (1 children)

It wasn’t designed for the front to fall off, that’s for sure!

[–] QuadratureSurfer@piefed.social 3 points 1 day ago (1 children)

Well, what sort of standards are these tools built to?

[–] sunbeam60@feddit.uk 3 points 1 day ago

For the front to stay on!

[–] unhrpetby@sh.itjust.works 14 points 2 days ago (2 children)
[–] underisk@lemmy.ml 27 points 2 days ago (1 children)

BW06: Icon URL Item Decryption. Items can include a URL field, which is used to autofill the credentials and display an icon on the client. The client decrypts the URL and fetches the icon from the server, including in its request the domain and top-level domain of the URL. For instance, if the URL is “https://host.tld/path%E2%80%9D, the client request includes “host.tld”. This means that the adversary can learn (part of) the con- tents of URL fields. Using Attack BW05, an adversary can place the ciphertext of sensitive item fields, such as a user- name or a password, in the encrypted URL field. After fetch- ing the item, the client will then decrypt the ciphertext, confus- ing it for a URL. If the plaintext satisfies some conditions (i.e. containing a ‘.’ and no !), it will be leaked to the adversary. A URL checksum feature was deployed in July 2024, mak- ing the clients store a hash of the URL in another encrypted item field, therefore providing a rudimentary integrity check and preventing this attack. Note that old items are never up- dated to add such a checksum: this feature only protects items created after its introduction. Furthermore, URL checksums are only checked if a per-item key is present for the item. As we will see, an adversary can prevent per-item keys from being enabled with Attack BW10.

IMPACT. The adversary can recover selected target ciphertexts in the item, such as the username or the password.

REQUIREMENTS. The user opens a vault containing items that do not use per-item keys (i.e., items created before July 2024, or after Attack BW10 is run). The target plaintext must satisfy some additional conditions, detailed in Appendix

-- from the paper the article is discussing

So you could potentially expose your passwords to a compromised server or some kind of MITM. If they meet the conditions for the validation check, anyway.

[–] unhrpetby@sh.itjust.works 1 points 2 days ago* (last edited 2 days ago) (2 children)

My comment was to answer the question of: "Why is this relevant?" (Its been asked a lot). It's relevant because Bitwarden is claiming that they "cannot see your passwords".

[–] underisk@lemmy.ml 5 points 2 days ago

I didn't think you were making the post to defend Bitwarden or something. I was just adding the details of one of the exploits the paper found that directly contradicted their claim.

[–] Auli@lemmy.ca 1 points 2 days ago

Well if they store an encrypted blob they can't see them.

[–] unexposedhazard@discuss.tchncs.de 3 points 2 days ago* (last edited 2 days ago)

And if the client software itself is compromised then all that is meaningless.