Password managers are less secure than promised

⁨116⁩ ⁨likes⁩

Submitted ⁨⁨5⁩ ⁨hours⁩ ago⁩ by ⁨Beep@lemmus.org⁩ to ⁨technology@lemmy.world⁩

https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html

Millions of people use password managers. They make accessing online services and bank accounts easy and simplify credit card payments.
Many providers promise absolute security – the data is said to be so encrypted that even the providers themselves cannot access it.
However, researchers from ETH Zurich have shown that it is possible for hackers to view and even change passwords.

source

Comments

Sort:hotnew top

exu@feditown.com ⁨5⁩ ⁨minutes⁩ ago
Interesting paper and I agree with the researchers to consider full server compromise in scope for online password managers. Maybe I missed it, but I’d have liked a section on the response by vendors. Mistakes happen, but the response and actions taken are very important for (continued) trust in a vendor.

source
unexposedhazard@discuss.tchncs.de ⁨1⁩ ⁨hour⁩ ago
OMFG can people please fucking go away with this stupid “password managers are worthless” bullshit today. They are exactly as secure as promised, unless you went to the obviously shady ones that use web interfaces. People have been saying this for years, if you want security, keep your password manager offline.

source
- victorz@lemmy.world ⁨3⁩ ⁨minutes⁩ ago
  So by that logic BitWarden is unsafe?
  
  source
Kushan@lemmy.world ⁨4⁩ ⁨hours⁩ ago
From the paper itself:

We had a video-conference and numerous email exchanges with Bitwarden. At the time of writing, they are well advanced in deploying mitigations for our attacks: BW01, BW03, BW11, BW12 were addressed, the minimum KDF iteration count for BW07 is now 5000, and their roadmap includes completely removing CBC-only encryption, enforcing per-item keys and changing the vault format for integrity. On 22.12.25 they shared with us a draft for a signed organisation membership scheme, which would resolve BW08 and BW09. At our request, to maintain anonymity, they have not yet credited us publicly for the disclosure, but plan to do so.

I didn’t look at the response to other Password managers, but the gist here is that the article is overblowing the paper by quite a bit and the majority of the “issues” discovered are either already fixed, or active design decisions.

source
- 1984@lemmy.today ⁨3⁩ ⁨hours⁩ ago
  I was also just looking for bitwarden information. Its just the best password manager and has never failed to do its job.
  
  source
felbane@lemmy.world ⁨4⁩ ⁨hours⁩ ago
tl;dr:

If the password manager server is hacked and compromised, then syncing your passwords with the compromised server will lead to compromised passwords (duh)

None of the providers tested have (or have had in the past) compromised servers.

and an observation or two:

Vaultwarden is free, self-hostable, and doesn’t rely on trust in a third party.

Keepass (and its client variants, like KeepassXC which is pretty great) is even more secure because there is no server, just an encrypted file you can store anywhere.
source
- orclev@lemmy.world ⁨2⁩ ⁨hours⁩ ago
  
  Keepass (and its client variants, like KeepassXC which is pretty great) is even more secure because there is no server, just an encrypted file you can store anywhere.
  
  And simultaneously less secure because it’s up to you to handle keeping your vault synced between various devices and most people are significantly worse at keeping systems secure than the professionals at the password managers.
  
  Self hosting a server of some kind or using something like Keepass on a single device (with offline backups) is the most secure option, but as usual with security doing so trades significant convenience for security. For most people who are interested in making sure their servers are kept up to date week to week letting professionals handle it is the better option.
  
  source
  - felbane@lemmy.world ⁨1⁩ ⁨hour⁩ ago
    Sure, but at the end of the day even if you don’t update your vaultwarden server or you rely on an insecure storage sync system like dropbox, your actual vault is encrypted with a key that only you know. Even if your server is hacked or the kdbx is leaked, your passwords are safe until someone breaks AES.
    
    Contrast that with hosted services, who could very easily attach their own keys to your encryption key (whether now or in the future at the behest of the state) and you’d be none the wiser. E2EE doesn’t matter much when the other end is controlled by someone else.
    
    I’m not disagreeing that most people just want something to work without thinking about, and for that reason I’m glad that services like bitwarden and lastpass and protonpass exist. My intent was not FUD, just shining a light on the fact that keeping your passwords secure does not require trusting a company.
    
    source
CardboardVictim@piefed.social ⁨5⁩ ⁨hours⁩ ago
For people interested there were 3 cloud based password managers tested and this is what they found

The researchers demonstrated 12 attacks on Bitwarden, 7 on LastPass and 6 on Dashlane.

source
- stephen01king@piefed.zip ⁨2⁩ ⁨hours⁩ ago
  Unfortunately they don’t explain what the attacks were in the article. Gonna need to find the paper to know.
  
  source
- sexy_peach@feddit.org ⁨5⁩ ⁨hours⁩ ago
  Is there a reason why these attacks were on cloud based pw managers?
  
  source
  - londos@lemmy.world ⁨1⁩ ⁨hour⁩ ago
    That’s where most of the passwords are
    
    source
  - _edge@discuss.tchncs.de ⁨4⁩ ⁨hours⁩ ago
    The method, they use, requires a client-server architecture. Hence, they cannot attack a local keepass file even if you sync it to some cloud.
    
    source
  - CardboardVictim@piefed.social ⁨4⁩ ⁨hours⁩ ago
    From what I scanned, there was no reason given on why they only attacked cloud based providers.
    
    My guess is that these are paid ones and thus have a ‘market share’, easier to attack etc.
    
    If you attack a ‘keepass’ password the attack vector is more crypto / memory based as far as my limited knowledge goes and not some funky inbetween attack.
    
    Also, if you attack a cloud base provides, you will most likely have multiple victims per breach / exploit, whilst offline are targeted and thus not so interesting in most cases unless we’re talking about a person of interest
    
    source
    -> View More Comments
- artyom@piefed.social ⁨4⁩ ⁨hours⁩ ago
  Yes but unfortunately nothing specific about the strength of any particular option.
  
  source
irate944@piefed.social ⁨4⁩ ⁨hours⁩ ago
Copy pasting a comment that I saw on Reddit

——

Link to the original study (with a less sensationalized title):

https://zkae.io

A few important notes:

the study is about Bitwarden, LastPass, Dashlane and 1Password. Proton Pass isn’t mentioned.

the study presumes that they’re working with a malicious server (read this as compromised server, controlled by an attacker). The attacks they talk about in the article would not work on a normal server. Here’s their quote:

No need to panic: all of our attacks presume a malicious server. We have no reason to believe that the password manager vendors are currently malicious or compromised, and as long as things stay that way, your passwords are safe. That said, password managers are high-value targets, and breaches do happen.

Here’s another quote, about other password managers:

You can ask your provider the following questions:

⁠Do you offer end-to-end encryption? What security do you provide in case your server infrastructure were to be compromised?

How do you check that public keys and public-key ciphertexts are authentic?

How do you authenticate security-critical settings, such as the KDF type and the iteration count?

Do you provide integrity guarantees for a user’s vault as a whole? Can a malicious server add items to your vault?

You can also ask your favourite password manager to commission an audit checking for our attacks in their products.

If you still feel unsure/unsafe, then adopt an offline password manager (I highly recommend keepassXC).
source
- scala@lemmy.ml ⁨3⁩ ⁨hours⁩ ago
  Wish they did an assessment on Proton pass. I just started using all proton services and wanted to know how that holds up. My company uses Bitwarden 🙃
  
  source
- CardboardVictim@piefed.social ⁨4⁩ ⁨hours⁩ ago
  I too recommend KeepassXC, works even on android with KeepassDX. I use syncthing to sync between devices (work, personal and android)
  
  source
  - artyom@piefed.social ⁨4⁩ ⁨hours⁩ ago
    Is your data in KeePass encrypted?
    
    source
    -> View More Comments
  - folekaule@lemmy.world ⁨3⁩ ⁨hours⁩ ago
    I also use KeepassXC, and it’s great. I’m interested in setting up Syncthing between my Android, Linux desktop, and NAS. Do you have any tips or articles/resources that you used to set it up?
    
    source
    -> View More Comments
aetherius@lemmy.ml ⁨3⁩ ⁨hours⁩ ago
Bitwarden have published a blog on this audit:

Security through transparency: ETH Zurich audits Bitwarden cryptography against malicious server scenarios

source
eleijeep@piefed.social ⁨4⁩ ⁨hours⁩ ago
the paper: https://eprint.iacr.org/2026/058.pdf

source
thoralf@discuss.familie-will.at ⁨3⁩ ⁨hours⁩ ago
I was always (and still am) under the assumption that you are fucked anyway, if either endpoint is compromised.

Sure, you can do a lot to make it less and less comfortable to read a password. But I’m not convinced that it is possible to. Fully prevent it from happening, no matter how hard you try.

source
CompactFlax@discuss.tchncs.de ⁨4⁩ ⁨hours⁩ ago
Assume the breach - that includes your password manager host. Especially your password manager host.

source