Being a constant user of password managers, most of us think that we are safe. But that is certainly not the case as a latest research has discovered that such apps are storing the master password as plain text in the system which can be accessed by a hacker (in case of cyber-security breach).
A report from Independent Security Evaluators (ISE), based on evaluating 1Password, Dashlane, KeePass and LastPass, has exposed this major flaw which can expose user credentials in computer memory.
Remembering complex passwords is a tough task and that is where all the password managers come handy. They create a master password which can be used as an alternative for all usernames, email IDs and passwords being managed by it. But along with that, such apps also store the master key as a plain text document in a source path within the system.
An expert hacker can then access to multiple accounts with the same master password stored in the computer and can furthermore decrypt the password manager database.
While there is so much risk involved with this gaping hole, researchers don’t want you to stop using it. In fact, till the time an update from the password manager companies resolves this issue, you should be extra careful about not leaving the app running in background or locked. Also, make sure to use an updated antivirus for extra protection from hackers.
Photo: Getty Images
A report from Independent Security Evaluators (ISE), based on evaluating 1Password, Dashlane, KeePass and LastPass, has exposed this major flaw which can expose user credentials in computer memory.
Remembering complex passwords is a tough task and that is where all the password managers come handy. They create a master password which can be used as an alternative for all usernames, email IDs and passwords being managed by it. But along with that, such apps also store the master key as a plain text document in a source path within the system.
An expert hacker can then access to multiple accounts with the same master password stored in the computer and can furthermore decrypt the password manager database.
Also Read: Study Revealed How Chrome Extensions Are Deceiving Its UsersTogether there are 60 Million users and 93,000 Businesses globally who use the above mentioned apps regularly for their own system security.
While there is so much risk involved with this gaping hole, researchers don’t want you to stop using it. In fact, till the time an update from the password manager companies resolves this issue, you should be extra careful about not leaving the app running in background or locked. Also, make sure to use an updated antivirus for extra protection from hackers.
Photo: Getty Images
