Pulse of Truth

2321 readers

76 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

You probably can't trust your password manager if it's compromised (www.theregister.com)

submitted 5 days ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

15 comments fedilink hide all child comments

Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…

you are viewing a single comment's thread
view the rest of the comments

[–] lemmysmash@beehaw.org 13 points 5 days ago* (last edited 5 days ago)

To be fair, it's worth noting that the majority (all?) of the flaws were found around organization management, SSO, vault sharing and compatibility features. All of which severely expand the attack surface of any password manager, and hence should be avoided like a plague.

Also worth noting that the actual whitepaper (also linked in the article) is much better written than the article, and it was an interesting and easily understandable read. Give it a go.

And thanks for sharing!