blueteamsec

672 readers

20 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat

Password managers less secure than promised (ethz.ch)

submitted 1 month ago by digicat to c/blueteamsec

2 comments fedilink hide all child comments

top 2 comments

sorted by: hot top controversial new old

[–] slazer2au@lemmy.world 4 points 1 month ago (1 children)

The team conducted a study to scrutinise the security architecture of three popular password manager providers: Bitwarden, Lastpass and Dashlane. Between them, they serve around 60 million users and have a 23 per cent market share. The researchers demonstrated 12 attacks on Bitwarden, 7 on LastPass and 6 on Dashlane.

[–] SanctimoniousApe@lemmings.world 4 points 1 month ago

Relying on any centralized service with a large number of users makes it a target. If we all self-host, tho, they'll go for viral methods of attack instead. Nothing's ideal.