Password Managers

New research from ETH Zurich and USI Lugano reveals vulnerabilities in popular password managers, challenging their assurances that servers cannot access user vaults. The study analyzed Bitwarden, Dashlane, and LastPass, identifying ways attackers with server control could steal or modify data, particularly when features like account recovery or sharing are enabled. Companies have begun patching the issues while defending their overall security practices.