- Vulnerabilities have been discovered in several password managers
- Researchers created theoretical attacks that could steal credentials
- Remediation efforts are ongoing and several vulnerabilities have already been fixed
Researchers have discovered 27 vulnerabilities across four popular password managers that could allow an attacker to access a victim’s password vault and change or steal credentials.
The research, by experts at ETH Zurich and the Università della Svizzera italiana (USI) in Switzerland, found Bitwarden susceptible to 12 attacks, LastPass to seven, Dashlane to six, and 1Password to only two.
In total, these popular password managers cover over 60 million users and nearly 125,000 businesses, with the attacks discovered by the researchers focusing on vulnerabilities across four categories – key escrow, vault encryption, sharing and backward compatibility.
Key escrow error
The key escrow flaws centre on account recovery features. The researchers outlined that copies of the user’s encryption keys are often stored to aid in account recovery if the user is unable to access their account using their master password.
However, in some cases, the keys can be accessed without authentication, allowing an attacker to manipulate the recovery process to gain access to the keys and, in turn, a user’s vault. For attacks in this category, Bitwarden was found to be susceptible to three and LastPass to one.
Vault encryption error
The second category, vault encryption flaws, focuses on how stored credentials and their associated URLs in a user’s vault are encrypted. In several cases, the researchers found that the vault was not encrypted as a single block; instead, each item was encrypted separately.
In addition, other information about the contents of the vault was left unencrypted. LastPass was found to be susceptible to five attacks of this type, Bitwarden to four and Dashlane to one.
In attacks exploiting this weakness, an attacker could theoretically leak information from each credential “field” in the vault to identify its contents. An attacker could also swap elements between fields to leak information, or present the URL associated with a credential in such a way that the username and password are leaked.
Sharing error
Many password managers allow users to share saved credentials and other information as a matter of convenience, such as being able to quickly share the Wi-Fi password with guests.
The researchers found that very little user authentication occurred when items were shared, allowing for multiple attack vectors that could expose shared items or enable additional attacks. For attacks in this category, Bitwarden was found to be vulnerable to two, with LastPass and Dashlane susceptible to one each.
In one example, an attacker could create an ‘organization’ and add arbitrary users using their public keys. The password manager would then sync the users with the fake organization, making them appear to belong to it. In some cases, the attacker could then add incriminating items to a user’s vault, or access all the stored items in a shared folder.
Backwards compatibility error
To maintain compatibility between versions, many password managers offer legacy support that enables backward compatibility with older encryption methods.
This is convenient for organizations and users who need to access credentials encrypted using legacy methods, but provides more opportunities for attackers to downgrade the encryption used by the client to the older, and therefore weaker, cryptographic algorithms. For attacks in this category, Dashlane was susceptible to four and Bitwarden to three.
Vulnerabilities fixed and patches released
Before the research was released, the researchers contacted all affected password manager providers as part of a 90-day disclosure process. The researchers noted that there is no evidence that any of the vulnerabilities have been exploited in the wild, and all of the vendors have begun remediation, with several vulnerabilities already fixed.
While 1Password was only vulnerable to two attacks, the company responded to the researchers that these stem from architectural limitations which are already documented in 1Password’s security design white paper.
Speaking to The Hacker News, Jacob DePriest, Chief Information Security Officer and Chief Information Officer at 1Password, said, “We are committed to continuously strengthening our security architecture and evaluating it against advanced threat models, including malicious server scenarios like those described in the research, and evolving it over time to maintain the protection our users depend on.”
“For example, 1Password uses Secure Remote Password (SRP) to authenticate users without sending encryption keys to our servers, which helps mitigate entire classes of server-side attacks,” DePriest said. “Recently, we introduced a new feature for Enterprise Managed Credentials that is built and secured from the ground up to resist sophisticated threats.”
Bitwarden stated in a blog post that “All issues identified in the report have been addressed by the Bitwarden team,” and thanked the researchers for uncovering the vulnerabilities.
Both Dashlane and LastPass also thanked the researchers and detailed their own findings of the vulnerabilities and mitigations.