- Vulnerabilities have been discovered in several password managers.
- The researchers created theoretical attacks that could steal credentials.
- Remediation efforts are underway and multiple vulnerabilities have already been fixed.
Researchers have discovered 27 vulnerabilities in four popular password managers that could allow an attacker to access a victim’s password vault to alter and steal credentials.
Research by experts from ETH Zurich and the Università della Svizzera Italiana (USI) in Switzerland included vulnerabilities in Bitwarden, which was found to be susceptible to 12 attacks, LastPass to seven, Dashlane to six, and 1Password found to be vulnerable to only two attacks.
In total, these popular password managers cover more than 60 million users and nearly 125,000 companies, and the attacks discovered by researchers focus on vulnerabilities in four categories: key escrow, vault encryption, sharing, and backward compatibility.
Key escrow defects
The key escrow flaws center on account recovery features. The researchers highlighted that copies of the user’s encryption keys are often stored in escrow to assist with account recovery in case the user can no longer access their account with their master password.
However, in some cases these keys can be accessed without authentication, allowing an attacker to manipulate the recovery process to obtain the keys and, in turn, access the user’s vault. For attacks in this category, Bitwarden was found to be susceptible to three and LastPass to one.
Vault encryption flaws
The second category, vault encryption flaws, focuses on how stored credentials and their associated URLs are encrypted within a user’s vault. In several cases, the researchers found that the vault was not encrypted as a single block; instead, each individual item was encrypted separately.
Additionally, other information about the contents of the vault was left unencrypted. LastPass was found to be susceptible to five such attacks, Bitwarden to four, and Dashlane to one.
In attacks that exploit this class of flaw, an attacker could, in theory, exfiltrate information from each credential “field” within the vault to identify its contents. An attacker could also swap encrypted elements within a field to leak information, or present the URL associated with the credentials in such a way that the username and password are leaked.
Sharing defects
Many password managers allow users to share stored credentials and other information for convenience, such as being able to quickly share the Wi-Fi password with guests.
The researchers found that very little user authentication was performed when items were shared, allowing for multiple attack vectors that could reveal shared items or allow further attacks. For attacks in this category, Bitwarden was found to be vulnerable to two, while LastPass and Dashlane were susceptible to only one.
In one example, an attacker could create an “organization” and add arbitrary users to it using each user’s public key. The password manager would then sync those users to the fake organization, making them appear to belong to it. In some cases, the attacker could add incriminating items to the user’s vault, or could gain access to all items stored within a shared folder.
Backward compatibility defects
To maintain compatibility between versions, many password managers keep legacy support for older encryption methods.
This is convenient for organizations and users who need to access credentials encrypted with older methods, but it gives attackers several opportunities to downgrade the encryption used by the client to older, and therefore weaker, cryptographic algorithms. For attacks in this category, Dashlane was susceptible to four and Bitwarden to three.
Vulnerabilities addressed and patches released
Before the investigation was published, researchers contacted all affected password manager vendors as part of a 90-day disclosure process. The researchers noted that there is no evidence that any of the vulnerabilities have been exploited in the wild, and all affected password manager vendors have begun remediation efforts, with several vulnerabilities already patched.
While 1Password was vulnerable to only two attacks, the company responded to the researchers by stating that those vulnerabilities stem from architectural limitations that are already documented in the 1Password security design white paper.
Speaking to The Hacker News, Jacob DePriest, 1Password’s chief information security officer and chief information officer, said: “We are committed to continually strengthening our security architecture and evaluating it against advanced threat models, including malicious server scenarios like those described in the research, and evolving it over time to maintain the protections our users rely on.”
“For example, 1Password uses Secure Remote Password (SRP) to authenticate users without transmitting encryption keys to our servers, which helps mitigate entire classes of server-side attacks,” DePriest said. “More recently, we introduced a new capability for enterprise-managed credentials, which are built and secured from the ground up to resist sophisticated threats.”
Bitwarden stated in a blog post that “all issues identified in the report have been addressed by the Bitwarden team” and thanked the researchers for discovering the vulnerabilities.
Both Dashlane and LastPass also thanked the researchers and detailed their own findings on the vulnerabilities and mitigations.