- Vulnerabilities discovered in several password managers
- Researchers created theoretical attacks that could steal credentials
- Remediation efforts are underway, with several vulnerabilities already patched
Researchers have discovered 27 vulnerabilities in four popular password managers that could allow an attacker to access a victim’s password vault to change and steal their credentials.
Research by experts from ETH Zurich and the University of Italian Switzerland (USI) found Bitwarden vulnerable to 12 attacks, LastPass to seven, Dashlane to six, and 1Password to just two.
In total, these password managers serve more than 60 million users and nearly 125,000 businesses. The attacks the researchers discovered fall into four categories: key escrow, vault encryption, sharing, and backwards compatibility.
Key escrow flaws
The main flaws in key escrow concern account recovery features. The researchers pointed out that copies of users' encryption keys are often stored so that an account can be recovered if the user can no longer unlock it with their master password.
In some cases, however, those stored keys are accessible without authentication, allowing an attacker to manipulate the recovery process to obtain the keys and, therefore, access to the user's vault. For attacks in this category, Bitwarden was found to be susceptible to three and LastPass to one.
Vault Encryption Vulnerabilities
The second category, vault encryption vulnerabilities, concerns how stored credentials and their associated URLs are encrypted in a user's vault. In several cases, the researchers found that the vault was not encrypted as a single block; instead, each individual item was encrypted separately.
Additionally, other metadata about the contents of the vault was not encrypted at all. LastPass was found to be susceptible to five such attacks, Bitwarden to four, and Dashlane to one.
In attacks exploiting these weaknesses, an attacker with control of the server could theoretically learn enough about each credential "field" in the vault to identify its contents. Because items are encrypted separately, an attacker could also swap encrypted elements between fields to leak information, or alter the URL associated with a credential so that the username and password are disclosed.
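The field-swap attack described above can be illustrated with a small model of per-field vault encryption. This is an added example, not code from the study or from any of the vendors, and it uses a toy encrypt-then-MAC construction built from HMAC-SHA256 in place of a real AEAD such as AES-GCM (the standard library has none); the item id, field names and sample credentials are constructed for the illustration. The point it demonstrates is independent of the cipher: when each field's authentication tag covers only that field's ciphertext, a server that stores opaque blobs can still move a ciphertext from the password slot into the URL slot and the client will decrypt it without complaint; binding the item id and field name into the authenticated data makes the same swap fail.

```python
import hashlib
import hmac
import os


# Toy authenticated encryption (stand-in for AES-GCM, which the stdlib lacks).
# Separate encryption and MAC subkeys are derived from the vault key.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Encrypt-then-MAC: the tag covers aad || nonce || ciphertext."""
    nonce = os.urandom(12)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("field failed authentication")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def _aad(item_id: str, field: str, bind: bool) -> bytes:
    # bind=False models a vault whose tags cover only the ciphertext;
    # bind=True ties each blob to the item and field it belongs to.
    return f"{item_id}/{field}".encode() if bind else b""


def encrypt_item(key: bytes, item_id: str, fields: dict, bind: bool = True) -> dict:
    """Each field is encrypted separately, as the article describes."""
    return {f: seal(key, v.encode(), _aad(item_id, f, bind)) for f, v in fields.items()}


def decrypt_item(key: bytes, item_id: str, blobs: dict, bind: bool = True) -> dict:
    return {f: open_sealed(key, b, _aad(item_id, f, bind)).decode() for f, b in blobs.items()}


def malicious_server_swap(blobs: dict, a: str, b: str) -> dict:
    """The server never sees plaintext, but it can still reorder the blobs it stores."""
    swapped = dict(blobs)
    swapped[a], swapped[b] = blobs[b], blobs[a]
    return swapped


def demo() -> tuple:
    """Returns (what the unbound client reads in the url field, whether the bound client rejected)."""
    key = os.urandom(32)
    fields = {"username": "alice", "password": "hunter2", "url": "https://example.com"}  # constructed
    unbound = decrypt_item(
        key, "item-1",
        malicious_server_swap(encrypt_item(key, "item-1", fields, bind=False), "url", "password"),
        bind=False)
    try:
        decrypt_item(
            key, "item-1",
            malicious_server_swap(encrypt_item(key, "item-1", fields, bind=True), "url", "password"),
            bind=True)
        bound_rejected = False
    except ValueError:
        bound_rejected = True
    return unbound["url"], bound_rejected


if __name__ == "__main__":
    print(demo())  # the unbound client now treats the password as the URL
```

In the unbound case the client has no way to tell that the blob in the URL slot was never a URL, which is exactly the position a client is in when it then uses that value as a URL. The same binding idea applies one level up: authenticating the list of items and their positions stops a server from swapping whole entries, which the article's description of per-item encryption also leaves open.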
Sharing flaws
Many password managers allow users to share stored credentials and other information for convenience, for example to quickly hand a Wi-Fi password to guests.
The researchers found that very little authentication was performed when items were shared, which opened multiple attack vectors that could reveal shared items or enable further attacks. For attacks in this category, Bitwarden was found to be vulnerable to two, while LastPass and Dashlane were susceptible to one each.
In one example, an attacker could create an "organization" and add arbitrary users to it using their public keys. The password manager would then sync those users with the fake organization, making them appear to belong to it. In some cases, the attacker could then add incriminating items to a user's vault, or access all items stored in a shared folder.
Backwards compatibility flaws
To maintain compatibility between versions, many password managers keep legacy support for older encryption methods.
This is convenient for organizations and users who still need to access credentials encrypted with those older methods, but it gives an attacker several opportunities to downgrade the encryption the client uses to older, and therefore weaker, cryptographic algorithms. For attacks in this category, Dashlane was susceptible to four and Bitwarden to three.
Vulnerabilities fixed and patches released
Before the study was published, the researchers contacted all affected password manager vendors as part of a 90-day disclosure process. They noted that there was no evidence the vulnerabilities had been exploited in the wild, and all affected vendors have begun remediation efforts, with several vulnerabilities already patched.
While 1Password was vulnerable to only two attacks, the company responded to the researchers by stating that these stemmed from architectural limitations already documented in 1Password's security design white paper.
Speaking to The Hacker News, Jacob DePriest, chief information security officer and chief information officer at 1Password, said: “We are committed to continually strengthening our security architecture and evaluating it against advanced threat models, including malicious server scenarios like those described in the study, and evolving it over time to maintain the protections our users rely on.”
“For example, 1Password uses Secure Remote Password (SRP) to authenticate users without transmitting encryption keys to our servers, helping to mitigate entire classes of server-side attacks,” DePriest said. “Most recently, we introduced new functionality for enterprise-managed credentials, which are built and secured from the ground up to resist sophisticated threats.”
Bitwarden said in a blog post that “All issues identified in the report have been resolved by the Bitwarden team” and thanked researchers for discovering the vulnerabilities.
Dashlane and LastPass also thanked the researchers and detailed their own findings on vulnerabilities and mitigation measures.