Top password manager products have fundamental flaws that expose the data they are designed to protect, rendering them no more secure than saving passwords in a text file, according to a new study by researchers at Independent Security Evaluators (ISE).
“100 percent of the products that ISE analyzed failed to provide the security to safeguard a user’s passwords as advertised,” says ISE CEO Stephen Bono. “Although password managers provide some utility for storing login/passwords and limit password reuse, these applications are a vulnerable target for the mass collection of this data through malicious hacking campaigns.”
In the new report titled “Under the Hood of Secrets Management,” ISE researchers revealed serious weaknesses with top password managers: 1Password, Dashlane, KeePass and LastPass. ISE examined the underlying functionality of these products on Windows 10 to understand how users’ secrets are stored even when the password manager is locked. More than 60 million individuals 93,000 businesses worldwide rely on password managers. Click here for a copy of the report.
Password managers are marketed as a solution to eliminate the security risks of storing passwords or secrets for applications and browsers in plain text documents. Having previously examined these and other password managers, ISE researchers expected an improved level of security standards preventing malicious credential extraction. Instead ISE found just the opposite.
Click here to read the findings from the report.
Product of the Day5 days ago
Naspers invests R42-m in public transport
People 'n' Issues4 days ago
Loyalty points get tax break
Stream of the Day5 days ago
E3: What to expect from Ubisoft Forward
Product of the Day4 days ago
Opera launches Hype in SA
People 'n' Privacy4 days ago
POPI is NOT coming to get you
Stream of the Day4 days ago
Square Enix summer showcase comes to E3
Gadget of the Week5 days ago
Gadget of the Week: Orboot Interactive Earth Globe
Cybersecurity3 days ago
Biometrics set to replace passwords