New research from ETH Zurich and USI Lugano reveals vulnerabilities in popular password managers, challenging their assurances that servers cannot access user vaults. The study analyzed Bitwarden, Dashlane, and LastPass, identifying ways attackers with server control could steal or modify data, particularly when features like account recovery or sharing are enabled. Companies have begun patching the issues while defending their overall security practices.
Password managers have become essential for millions, with an estimated 94 million US adults using them to store sensitive data like passwords, cryptocurrency credentials, and payment details. Providers such as Bitwarden, Dashlane, and LastPass promote a 'zero-knowledge' encryption model, assuring users that even if servers are compromised, no one except the user can access the data. Bitwarden states that 'not even the team at Bitwarden can read your data (even if we wanted to).' Dashlane claims that without the master password, 'malicious actors can’t steal the information, even if Dashlane’s servers are compromised.' LastPass similarly asserts that no one can access the vault 'except you (not even LastPass).'
However, researchers from ETH Zurich and USI Lugano, in a paper published on February 17, 2026, demonstrated that these promises do not always hold. By reverse-engineering the software, they identified 25 vulnerabilities allowing an adversary with server control—through compromise or insider access—to read or even modify entire vaults. The attacks primarily exploit features like key escrow for account recovery and vault sharing. For instance, in Bitwarden, during new member enrollment in a family or organization, an attacker can replace the group public key with their own, enabling decryption of the user's symmetric key and access to the vault. This can propagate 'worm-like' across overlapping groups if recovery is enabled.
Similar flaws affect LastPass's key escrow in Teams versions, where superadmin key replacement allows vault theft upon login via browser extension. Dashlane faces risks in shared vaults, where unauthenticated key pairs let attackers recover shared symmetric keys to read and modify items. Backward compatibility with older versions introduces further weaknesses, such as padding oracle attacks in Bitwarden and Dashlane that could decrypt vaults over time. Attacks on hashing iterations also reduce master password cracking difficulty dramatically.
The researchers noted that these issues were overlooked despite prior audits, calling for more focus on malicious server scenarios. They mentioned 1Password likely shares similar flaws but analyzed it less deeply. Companies responded by patching many vulnerabilities after private notifications. Bitwarden emphasized that the threat model assumes 'full server compromise and adversarial behavior beyond standard operating assumptions.' LastPass highlighted its multi-layered security, including annual penetration testing and bug bounties. Dashlane affirmed rigorous testing and quick mitigation. 1Password stated the paper revealed no new vectors beyond its documented risks and continues evaluating against advanced threats.
The study underscores that while server breaches are rare, they remain a credible risk, especially from nation-state actors, given past incidents like LastPass breaches in 2015, 2021, and 2022.