cross-posted from: https://infosec.pub/post/42164102
Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…
You probably can’t trust anything if it’s compromised
Well the specific point here is that these companies claim that a server hack won’t reveal your passwords since they’re encrypted and decrypted on your local device so the server only sees the encrypted version. Apparently this isn’t completely true.
Yeah, the title there really doesn’t reflect the article text. It should be “you probably can’t trust your password manager if the remote servers it uses are compromised”.