Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Password Managers' Promise that They Can't See Your Vaults Isn't Always True

Researchers found dozens of server-side attacks on Bitwarden, LastPass, and Dashlane that expose or alter encrypted user vaults despite claims of zero-knowledge encryption.

Summary by Ars Technica
Over the past 15 years, password managers have grown from a niche security tool used by the technology savvy into an indispensable security tool for the masses, with an estimated 94 million US adults—or roughly 36 percent of them—having adopted them. They store not only passwords for pension, financial, and email accounts, but also cryptocurrency credentials, payment card numbers, and other sensitive data. All eight of the top password managers …

7 Articles

Ars TechnicaArs Technica
Center

Password managers' promise that they can't see your vaults isn't always true

Over the past 15 years, password managers have grown from a niche security tool used by the technology savvy into an indispensable security tool for the masses, with an estimated 94 million US adults—or roughly 36 percent of them—having adopted them. They store not only passwords for pension, financial, and email accounts, but also cryptocurrency credentials, payment card numbers, and other sensitive data. All eight of the top password managers …

·United States
Read Full Article
Die PresseDie Presse
Lean Right

Researchers Discover Major Vulnerabilities in Password Managers

The research team was able to demonstrate attacks on the password managers of three popular providers whose services would use around sixty million people worldwide.

·Vienna, Austria
Read Full Article
TechXploreTechXplore
Center

Why 'zero-knowledge encryption' may not stop password theft if servers are hacked

People who regularly use online services have between 100 and 200 passwords. Very few can remember every single one. Password managers are therefore extremely helpful, allowing users to access all their passwords with just a single master password.

Read Full Article
PCWorldPCWorld

These 3 popular password managers are insecure, researchers find

Security experts have found serious security vulnerabilities in widely-used password managers. Here's what they advise users to do.

Read Full Article
Help Net SecurityHelp Net Security

Design weaknesses in major password managers enable vault attacks, researchers say

Can password managers that claim "zero-knowledge encryption" keep users’ passwords safe even if their vault-storing servers are compromised?

Read Full Article
DiarioBitcoinDiarioBitcoin

The Myth of “Zero Knowledge Encryption” in Under Attack Password Managers

A new academic study calls into question one of the most repeated promises by the cloud password managers industry: that the “zero-knowledge encryption” makes a server hack useless. Under a “malware server” model, researchers documented dozens of attacks with a direct impact on the confidentiality and integrity of vaults, reopening the debate on which cryptographic guarantees are actually delivered to the user. *** The paper analyzes the concept…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 67% of the sources are Center
67% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

TechXplore broke the news in on Monday, February 16, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal