Wednesday, September 24, 2014

Password Managers Pose Security Risk

Password managers may not be as effective as you think. While these tools provide convenience and (ostensibly) peace of mind, a recently released report from UC Berkeley researchers, including TRUST researcher Dawn Song, found that the five popular password managers tested all had critical vulnerabilities. In fact, the researchers found that for four of the five companies studied an attacker would be able steal arbitrary credentials, at the time of the report.

Researchers reported their findings to the companies reviewed, and most responded to the disclosures and fixed the vulnerabilities. However, their research points to the importance of always considering possible weaknesses and not taking security for granted.