Leading Password Managers are Insecure, Say Security Researchers


Leading password managers are rife with insecurities when it comes to memory management, failing to scrub data from local memory that could be used to expose their bank of user passwords, according to Baltimore-based security consultancy Independent Security Evaluators (ISE).

The company interrogated the security of of password managers 1Password, Dashlane, KeePass and LastPass, which between them have over 60 million private and business users, testing them when not running, running but locked, and actively running (on Windows 10, Version 1803 with an Intel i7-7700HQ processor).

When not running, all used strong encryption for their password databases – PBKDF2-SHA256 for LastPass

To see the full content, share this page by clicking one of the buttons below
Click on a tab to select how you'd like to leave your comment

Leave A Reply

Your email address will not be published.