Password managers less secure than promised
ethz.ch
Researchers from ETH Zurich have discovered serious security vulnerabilities in three popular, cloud-based password managers. During testing, they were able to view and even make changes to stored passwords.
  • Millions of people use password managers. They make accessing online services and bank accounts easy and simplify credit card payments.
  • Many providers promise absolute security – the data is said to be so encrypted that even the providers themselves cannot access it.
  • However, researchers from ETH Zurich have shown that it is possible for hackers to view and even change passwords.
  • Appoxo@lemmy.dbzer0.comEnglish
    1·
    2 hours ago

    Bitwarden did so too.

    But IMO your assumption is a bit of interpreting bad/malicious faith into it.
    I see it more like they are the more publicly known brands/services that do this and underwent the audit.
    I have read the TLDR by the authors (linked a few times in the comments) and the answer by bitwarden.
    Bitwarden said the, fixed the issue, are in the progress of doing it or are accepting it as “this is intended/a trade-off”.
    What is a bit sad is that they had more vulnerabilities than other vendors. But I trust them more as they are mostly OSS.