Tara SealsTHREATPOST:865A479FCD807EC1FBFC8256D4F9ECBCThreatpost Poll: Are Password Managers Too Risky?
Do you use a password manager? Or do you think they pose too much of a risk, holding all the keys to the kingdom? Weigh in with our poll, below.
A little background: There have been vulnerabilities found before in this kind of software, which is meant to take the headache out of remembering multiple unique passwords by remembering them for you. Malware has also been found targeting it. The latest is word that a local adversary can crack open and steal passwords stored by the 1Password, Dashlane, KeePass and LastPass utilities.
Adrian Bednarek with Independent Security Evaluators (ISE) said that each of them “fails in implementing proper secrets sanitization for various reasons,” Bednarek wrote in his research report.
The firms have fiercely hit back on the assessment that this poses a serious risk, and indeed, even for ISE, this was far from a deal breaker. But at the same time, they also advocated that password-manager firms tighten up their application memory management.
How do you feel about password managers? Take our short poll and let us know. Also feel free to comment on this post with any meatier thoughts you may have.
References
poll.fm/10246589
poll.fm/10246594
poll.fm/10246602
poll.fm/10246608
poll.fm/10246610
threatpost.com/1password-dashlane-keepass-and-lastpass/142037/
threatpost.com/citadel-variant-targets-password-managers/109493/
threatpost.com/newsletter-sign/
threatpost.com/researcher-warns-security-hole-keepass-password-manager-062712/76738/
www.securityevaluators.com/casestudies/password-manager-hacking/