인기있는 암호 관리자에서 보안 취약점 발견

ment 2/24 '19 posted 뉴스 IT

• Independent Security Evaluators (ISE)에 의한 분석에서는 1Password, Dashlane, LastPass 및 KeePass의 각 버전에서 문제의 정도가 다른 것을 알 수있었습니다.

• 분명히 응용 프로그램이 잠길 때 암호 (특히 마스터 암호)가 메모리에 있으면 분명히 멀웨어가 컴퓨터에 감염된 후이 데이터를 훔칠 수 있습니다.

Researchers have uncovered a surprising security weakness in password managers – several…

Password managers leaking data in memory, but you should still use one [nakedsecurity.sophos.com]

It is bad practice to use the same password for multiple accounts, because even if only one of…

If you are an avid user of password managers, you might just be in for a surprise. A recent study…

Your Password Manager Has A Severe Flaw - But You Should Still Use One [fossbytes.com]

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park,…

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations [threatpost.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

2/24 '19 answered

Password managers leak data in memory, but you should still use one: https://t.co/V2k6V1DBOb
by @NakedSecurity #infosec #cybercrime #crypto #Samsung #CyberSecurity @Fisher85M @RichSimmondsZA @MikeQuindazzi @HaroldSinnott @jblefevre60 @debraruh @ipfconline1
— Andrey Kuchaev (@AKuchaev) February 21, 2019

Ok so the password managers have a point, it is hard to hide the master password in memory. One solution would be stop using passwords. WebAuthn doesn't require passwords and secrets are stored in secure elements in most cases. https://t.co/dn4VbGUcqv
— Login Llama (@LoginLlama) February 21, 2019

Several popular password managers appear to do a weak job at scrubbing passwords from memory once they are no longer being used. https://t.co/cpdUOoqzsv #cybersecurity #securityawareness
— Inspired eLearning (@InspiredeLearn) February 22, 2019

Password managers leaking data in memory, but you should still use one https://t.co/ULUyWeUSrq
— BrianHonan (@BrianHonan) February 21, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured