I’ve written several posts explaining the dangers of using a password manager to store the passwords to all of your online accounts.
Well, new information has recently surfaced that proves just how dangerous password managers really are.
The researchers at Independent Security Evaluators have just published the results of an in-depth study that tested how effective several of the most popular password managers are at protecting your passwords from hackers.
Well, the results are troubling to say the least.
I won’t go into the details of all the tests the researchers ran and the results they received because you can easily click the link above and read it yourself if you’re interested.
What I’ll do here is give you a quick summary…
- At least one popular password manager was found to “leak” the account’s master password. That of course makes every other password stored by the service available to hackers.
- Some of the password managers they tested “leaked” whichever password the user was accessing at the time. That’s nowhere near as bad as leaking the master password, but it’s still horrible.
- Some of the password managers keep a table of all stored passwords in the computer’s RAM, which of course makes them all available to any hacker that manages to take control of the PC and install software that’s capable of retrieving the passwords from RAM.
- Some of the password managers leave users’ passwords vulnerable to key loggers and Clipboard sniffing malware.
Not very comforting, is it?
The good news is every one of the vulnerabilities discovered during the testing for this study require a hacker to be able to successfully hack into a user’s machine and assume control of it over the Internet.
The bad news is such hacks happen on a daily basis.
Bottom line: The results of this study confirm what I already knew: Using a password manager really does put your entire digital life at risk.
Of course the companies that produce the password managers that were tested for this study will quickly close the security holes that were found now that they’ve been brought to their attention.
The problem is, the issues found during this round of testing aren’t the first to be found and fixed. And it’s highly unlikely that they’ll be the last.
Bonus tip #1: This post explains how to track down and remove and key loggers, Clipboard sniffers or other forms of malware that might be present on your Windows PC.
Bonus tip #2: Want to make sure you never miss one of my tips? Click here to join my Rick’s Tech Tips Facebook Group!
Want to ask Rick a tech question? Click here and send it in!
If you found this post useful, would you mind helping me out by sharing it? Just click one of the handy social media sharing buttons below.