Do you use a password manager? Or do you think they pose too much of a risk, holding all the keys to the kingdom? Weigh in with our poll, below.
A little background: There have been vulnerabilities found before in this kind of software, which is meant to take the headache out of remembering multiple unique passwords by remembering them for you. Malware has also been found targeting it. The latest is word that a local adversary can crack open and steal passwords stored by the 1Password, Dashlane, KeePass and LastPass utilities.
Adrian Bednarek with Independent Security Evaluators (ISE) said that each of them “fails in implementing proper secrets sanitization for various reasons,” Bednarek wrote in his research report.
The firms have fiercely hit back on the assessment that this poses a serious risk, and indeed, even for ISE, this was far from a deal breaker. But at the same time, they also advocated that password-manager firms tighten up their application memory management.
How do you feel about password managers? Take our short poll and let us know. Also feel free to comment on this post with any meatier thoughts you may have.