floofloofFeb 16

You probably can't trust your password manager if it's compromised

https://lemmy.ca/post/60541192

You probably can't trust your password manager if it's compromised - Lemmy.ca

cross-posted from: https://infosec.pub/post/42164102 [https://infosec.pub/post/42164102] > Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…

Show threadchocratesFeb 16
Bitwarden. Shit.
Show threadeodurFeb 17
Thats really disappointing. At least the selfhosted version means it would have to be a heavily targeted attack.
Show threadBazoogleFeb 17
I don’t think it should be disappointing. Bitwarden welcomes third party security testing, especially given it is open source. The tests done were just tests, and the issues were already fixed.
Show threadeodur
Yeah, after seeing their response I’m quite satisfied. They’re one of the good guys and I hope it stays that way.
Feb 17 at 2:11pmWeb