Ethical Hacking News

A Study Unveils Alarming Vulnerabilities in Cloud Password Managers: What It Means for Your Online Security


Recent research shows that three widely used cloud-based password managers, Bitwarden, Dashlane, and LastPass, are susceptible to attacks that compromise the integrity and confidentiality of user vaults. Learn more about the vulnerabilities the study exposes.

  • Cloud-based password managers Bitwarden, Dashlane, and LastPass have vulnerabilities that can compromise user vault data.
  • The study identified 25 attacks in total: 12 against Bitwarden, 7 against LastPass, and 6 against Dashlane.
  • The attacks break the zero-knowledge encryption (ZKE) promise these products make, namely that the server can neither read nor tamper with vault contents.
  • Recurring design anti-patterns and cryptographic misconceptions are behind the vulnerabilities.
  • The affected vendors are remediating the issues; 1Password, which was not among the three studied, is cited for using SRP so that no password-derived key is ever sent to its servers.



    A recent study by researchers from ETH Zurich and Università della Svizzera italiana has exposed a large number of vulnerabilities in some of the most widely used cloud-based password managers. The findings, presented in a paper titled "25 Password Recovery Attacks in Major Cloud Password Managers," show that Bitwarden, Dashlane, and LastPass, the three products examined, are each susceptible to several types of attack.

    The study set out to test the zero-knowledge encryption (ZKE) promise made by these three products. In this context, "zero-knowledge" means that the master password never leaves the user's device: the client derives the encryption key locally, encrypts and decrypts the vault itself, and the server stores only ciphertext it cannot read. The promise is that a compromised or malicious server, or the vendor itself, can neither learn vault contents nor alter them without the client noticing.
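    To make that model concrete, here is an added Python example (not code from the paper or from any vendor) of a generic login flow: the client derives the vault key from the master password and sends the server only a further one-way hash of it. It also shows why the KDF parameters a server hands back before login must be checked on the client: a server that returns a weak configuration receives a cheaply crackable login hash, which is the kind of KDF downgrade the study counts among its attacks. The floor of 600,000 PBKDF2 iterations, the algorithm allow-list, the pinning check, the sample credentials and the wordlist are all assumptions made for the example.

```python
"""
Generic zero-knowledge login flow with server-supplied KDF parameters.
Added example, not any vendor's code. Policy values below are assumptions.
"""
import hashlib
import hmac

MIN_PBKDF2_ITERATIONS = 600_000      # assumed client-side floor
ALLOWED_KDFS = {"pbkdf2-sha256"}     # assumed allow-list


class KdfDowngradeError(Exception):
    """The server asked the client to derive its key with weaker-than-policy parameters."""


def derive_master_key(master_password: str, email: str, kdf: dict) -> bytes:
    """Runs on the client only; the server never receives this value."""
    if kdf["algorithm"] != "pbkdf2-sha256":
        raise ValueError(f"unsupported KDF {kdf['algorithm']!r}")
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               email.lower().encode(), kdf["iterations"], dklen=32)


def auth_hash(master_key: bytes, master_password: str) -> bytes:
    """The one value sent at login: a further one-way step, so it does not reveal master_key."""
    return hashlib.pbkdf2_hmac("sha256", master_key, master_password.encode(), 1, dklen=32)


def vulnerable_login(master_password: str, email: str, server_kdf: dict):
    """Anti-pattern: trusts the pre-login KDF response verbatim."""
    key = derive_master_key(master_password, email, server_kdf)
    return key, auth_hash(key, master_password)


def hardened_login(master_password: str, email: str, server_kdf: dict, pinned_kdf: dict = None):
    """Applies client policy before deriving anything; optionally compares with a pinned config."""
    if server_kdf.get("algorithm") not in ALLOWED_KDFS:
        raise KdfDowngradeError(f"algorithm {server_kdf.get('algorithm')!r} not allowed")
    if server_kdf.get("iterations", 0) < MIN_PBKDF2_ITERATIONS:
        raise KdfDowngradeError(f"{server_kdf.get('iterations')} iterations is below the floor")
    if pinned_kdf is not None and server_kdf != pinned_kdf:
        raise KdfDowngradeError("KDF parameters differ from the configuration pinned at enrolment")
    key = derive_master_key(master_password, email, server_kdf)
    return key, auth_hash(key, master_password)


def rejects_downgrade(master_password: str, email: str, server_kdf: dict, pinned_kdf: dict = None) -> bool:
    """True if the hardened client refuses the server's KDF configuration."""
    try:
        hardened_login(master_password, email, server_kdf, pinned_kdf)
    except KdfDowngradeError:
        return True
    return False


def offline_guess(target_hash: bytes, email: str, kdf: dict, wordlist):
    """An attacker holding the login hash guesses passwords; the cost per guess is set by the KDF
    the client was talked into using. Returns the recovered password or None."""
    for guess in wordlist:
        key = derive_master_key(guess, email, kdf)
        if hmac.compare_digest(auth_hash(key, guess), target_hash):
            return guess
    return None


# Constructed demo inputs.
EMAIL = "alice@example.com"
MASTER_PASSWORD = "correct horse battery staple"
HONEST_KDF = {"algorithm": "pbkdf2-sha256", "iterations": 600_000}
DOWNGRADED_KDF = {"algorithm": "pbkdf2-sha256", "iterations": 1}   # what a hostile server returns
WORDLIST = ["password", "letmein", "hunter2", "correct horse battery staple"]

if __name__ == "__main__":
    _, weak_hash = vulnerable_login(MASTER_PASSWORD, EMAIL, DOWNGRADED_KDF)
    print("vulnerable client, downgraded KDF: cracked ->", offline_guess(weak_hash, EMAIL, DOWNGRADED_KDF, WORDLIST))
    print("hardened client rejects downgrade ->", rejects_downgrade(MASTER_PASSWORD, EMAIL, DOWNGRADED_KDF, HONEST_KDF))
```

    The hardened path refuses the downgraded configuration before any key is derived; the vulnerable path accepts it, and the resulting login hash falls to a four-entry wordlist immediately, whereas each guess against the honest configuration costs a full 600,000-iteration derivation. Pinning the configuration seen at enrolment closes the gap that a floor alone leaves open, a server that serves the weakest still-allowed setting to a user who enrolled with a stronger one.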

    Measured against that promise, the researchers found 12 distinct attacks against Bitwarden, seven against LastPass, and six against Dashlane. Their consequences range from integrity violations of a targeted user's vault to the complete compromise of every vault belonging to an organization. Collectively, these three products serve over 60 million users and nearly 125,000 businesses.

    The study categorizes the attacks into four broad categories:

    1. Attacks that exploit the "Key Escrow" account recovery mechanism to compromise the confidentiality guarantees of Bitwarden and LastPass.
    2. Attacks that exploit flawed item-level encryption, where individual fields are encrypted without being cryptographically bound to their item, field name, or metadata; the results include integrity violations, metadata leakage, field swapping, and key derivation function (KDF) downgrade.
    3. Attacks that exploit sharing features to compromise vault integrity and confidentiality.
    4. Attacks that exploit backwards compatibility with legacy code, leading to downgrade attacks in Bitwarden and Dashlane.
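    The field-swapping attacks in the second category come down to one question: does the authentication tag on each encrypted field cover which item and which field the ciphertext belongs to? The Python below is an added example, not the paper's or any vendor's code. A stdlib-only encrypt-then-MAC construction (HMAC-SHA256 keystream plus an HMAC tag over the associated data, nonce and ciphertext) stands in for AES-GCM with the same associated-data semantics; the AAD layout `item_id|field_name`, the two-item sample vault and the attacker scenario (a site the attacker operates, for which the user has saved a login) are assumptions. With unbound fields, a server that relocates a single ciphertext makes the bank password decrypt, and therefore autofill, under the attacker's site; with bound fields the same move fails authentication.

```python
"""
Item-level encryption with and without binding each field to its item and field name.
Added example, not the paper's or any vendor's code. The AEAD is a stdlib-only
encrypt-then-MAC stand-in for AES-GCM; the AAD layout and sample vault are assumptions.
"""
import copy
import hashlib
import hmac
import os


class IntegrityError(Exception):
    """Authentication tag did not verify: the ciphertext or its context was altered."""


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC in counter mode, used here only as a simple stdlib keystream."""
    out, counter = b"", 0
    while len(out) < length:
        out += _prf(key, nonce + counter.to_bytes(4, "big"))
        counter += 1
    return out[:length]


def aead_encrypt(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Returns nonce || ciphertext || tag; the tag covers aad, nonce and ciphertext."""
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = _prf(mac_key, len(aad).to_bytes(8, "big") + aad + nonce + ct)
    return nonce + ct + tag


def aead_decrypt(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    """Verifies the tag under the caller's aad before releasing any plaintext."""
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = _prf(mac_key, len(aad).to_bytes(8, "big") + aad + nonce + ct)
    if not hmac.compare_digest(tag, expected):
        raise IntegrityError("tag mismatch")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def _context(item_id: str, field: str, bind: bool) -> bytes:
    # Unbound: every field is an island, so any ciphertext decrypts in any slot.
    # Bound: the tag also covers which item and which field this ciphertext belongs to.
    return f"{item_id}|{field}".encode() if bind else b""


def encrypt_vault(key: bytes, items: list, bind: bool) -> list:
    return [{"id": it["id"],
             "fields": {f: aead_encrypt(key, v.encode(), _context(it["id"], f, bind))
                        for f, v in it["fields"].items()}}
            for it in items]


def decrypt_vault(key: bytes, enc_items: list, bind: bool) -> list:
    return [{"id": it["id"],
             "fields": {f: aead_decrypt(key, blob, _context(it["id"], f, bind)).decode()
                        for f, blob in it["fields"].items()}}
            for it in enc_items]


def server_moves_field(enc_items: list, src_id: str, dst_id: str, field: str) -> list:
    """A server, or anyone who can write the stored vault, relocates one ciphertext. No key needed."""
    tampered = copy.deepcopy(enc_items)
    by_id = {it["id"]: it for it in tampered}
    by_id[dst_id]["fields"][field] = by_id[src_id]["fields"][field]
    return tampered


# Constructed sample vault: a bank login and a login on a site the attacker runs.
VAULT_KEY = hashlib.sha256(b"constructed demo key").digest()
BANK_PASSWORD = "Bank#Secret!2026"
ITEMS = [
    {"id": "item-1", "fields": {"url": "https://bank.example", "username": "alice", "password": BANK_PASSWORD}},
    {"id": "item-2", "fields": {"url": "https://forum.example", "username": "alice", "password": "forum-pw"}},
]


def swapped_password_unbound() -> str:
    """Unbound fields: the bank password now decrypts under the forum item and would autofill there."""
    tampered = server_moves_field(encrypt_vault(VAULT_KEY, ITEMS, bind=False), "item-1", "item-2", "password")
    return decrypt_vault(VAULT_KEY, tampered, bind=False)[1]["fields"]["password"]


def swap_rejected_when_bound() -> bool:
    """Bound fields: the relocated ciphertext fails authentication in its new slot."""
    tampered = server_moves_field(encrypt_vault(VAULT_KEY, ITEMS, bind=True), "item-1", "item-2", "password")
    try:
        decrypt_vault(VAULT_KEY, tampered, bind=True)
    except IntegrityError:
        return True
    return False


if __name__ == "__main__":
    print("unbound: forum item now holds ->", swapped_password_unbound())
    print("bound: swap rejected ->", swap_rejected_when_bound())
```

    The attacker never decrypts anything and never needs the vault key; the client does the work for them when it decrypts a valid ciphertext in the wrong place. Binding item identifier and field name into the associated data is the minimal fix; binding the item's metadata (such as the URL the credential is for) and the field's position as well closes the related metadata-swapping variants in the same category.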

    The researchers trace these vulnerabilities to a handful of recurring design anti-patterns and cryptographic misconceptions. In the paper, the team states, "Despite vendors' attempts to achieve security in this setting, we uncover several common design anti-patterns and cryptographic misconceptions that resulted in vulnerabilities."

    It is essential to note that the attacks do not appear to have been exploited in the wild, at least not yet, and the affected vendors have begun addressing them. By contrast, 1Password, which is not one of the three products examined, authenticates users with the Secure Remote Password (SRP) protocol, so that no password-derived key is ever transmitted to its servers; this mitigates entire classes of server-side attacks.

    In response to the study's findings, Bitwarden said it is addressing everything reported, has resolved seven of the reported issues and is actively remediating the remaining three (the vendor counts issues, which do not map one-to-one onto the paper's twelve attacks). LastPass stated that it is "actively working to add stronger integrity guarantees" by cryptographically binding items, fields, and metadata to one another.

    For users and organizations, the practical lesson is that "zero-knowledge" is a property of the client's cryptographic design, not a label, and that the server must be treated as a potential adversary even when it belongs to the vendor. Keeping client software current matters here, since fixes for these issues ship in the clients that perform the encryption.

    In conclusion, the study shows that the zero-knowledge promise of three major cloud password managers can be broken in ways that affect both the integrity and the confidentiality of user vaults. No exploitation in the wild is known at present, but users should apply vendor updates promptly and watch for further patches as the remaining issues are resolved.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/A-Study-Unveils-Alarming-Vulnerabilities-in-Cloud-Password-Managers-What-It-Means-for-Your-Online-Security-ehn.shtml

  • Published: Wed Feb 18 12:56:29 2026 by llama3.2 3B Q4_K_M

    © Ethical Hacking News . All rights reserved.