You probably can’t trust your password manager if it’s compromised

Summary

Researchers from ETH Zurich and Università della Svizzera italiana examined the “zero-knowledge” promises of Bitwarden, LastPass and Dashlane and found multiple practical attacks that can expose or alter stored credentials if a vendor’s servers are compromised. Using a malicious-server model, the team demonstrated 12 working attacks against Bitwarden (seven leading to password disclosure), seven against LastPass (three disclosing passwords) and six against Dashlane (one disclosing).

The paper highlights how legacy cryptographic formats and compatibility code increase complexity and open downgrade or extraction paths. The researchers recommend onboarding new users with modern crypto defaults and offering clear migration choices to existing customers.

Key Points

  1. Academic team used a malicious-server threat model to test zero-knowledge claims and found several successful attacks.
  2. Bitwarden showed the most issues in the study; LastPass and Dashlane were also vulnerable to multiple attacks.
  3. Many attacks only require routine user actions (logging in, opening the vault, syncing); some exploit more complex flows like key rotation or sharing.
  4. Support for legacy cryptography for backward compatibility enabled downgrade attacks and raised the risk surface.
  5. Vendors responded constructively and are patching weaknesses, but researchers warn similar problems likely exist across the industry and may already be known to advanced attackers.
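The downgrade risk described in the paragraph above and in point 4 comes from a client letting the server choose the KDF or cipher format. One defensive pattern is to treat the server as untrusted and pin crypto parameters client-side so they can only ratchet upwards. The following is an added example, not code from the paper or from any of the vendors named; the KDF names, cost floors and cipher-format labels are hypothetical stand-ins for a generic vault-sync profile.

```python
from dataclasses import dataclass

# Hypothetical names and rankings for this example; real products differ.
KDF_RANK = {"pbkdf2": 1, "argon2id": 2}          # higher = stronger
MIN_COST = {"pbkdf2": 600_000, "argon2id": 3}    # constructed floors
MODERN_FORMATS = {"aes-256-gcm"}
LEGACY_FORMATS = {"aes-256-cbc-hmac-v1"}         # kept only for old vault items


@dataclass(frozen=True)
class CryptoProfile:
    kdf: str
    cost: int            # PBKDF2 iterations or Argon2 time cost
    cipher_format: str


def check_profile(pinned, offered, allow_legacy=False):
    """Return reasons to reject the server-offered profile; [] means accept."""
    # `pinned` is what the client stored at enrolment or after its last
    # accepted upgrade. The server is untrusted, so nothing may get weaker.
    problems = []
    if offered.kdf not in KDF_RANK:
        problems.append(f"unknown KDF {offered.kdf!r}")
    else:
        if KDF_RANK[offered.kdf] < KDF_RANK[pinned.kdf]:
            problems.append(f"KDF downgrade {pinned.kdf} -> {offered.kdf}")
        if offered.cost < MIN_COST[offered.kdf]:
            problems.append(f"{offered.kdf} cost {offered.cost} below floor")
        if offered.kdf == pinned.kdf and offered.cost < pinned.cost:
            problems.append(f"cost downgrade {pinned.cost} -> {offered.cost}")
    fmt = offered.cipher_format
    if fmt in LEGACY_FORMATS:
        if not allow_legacy:
            problems.append(f"legacy format {fmt!r} without explicit opt-in")
        elif pinned.cipher_format in MODERN_FORMATS:
            problems.append(f"format downgrade {pinned.cipher_format} -> {fmt}")
    elif fmt not in MODERN_FORMATS:
        problems.append(f"unknown cipher format {fmt!r}")
    return problems


def ratchet(pinned, offered, allow_legacy=False):
    """Return the new pin after an accepted profile; never weaker than before."""
    if check_profile(pinned, offered, allow_legacy):
        raise ValueError("refusing to pin a rejected profile")
    return offered
```

A client built this way still upgrades normally, but a server that later offers an older KDF, a lower cost or a legacy format gets a refusal and a log entry rather than silent compliance.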

Context and relevance

Password managers are a cornerstone of modern security advice. This research undercuts the simple message that “servers can’t see your secrets” by showing how implementation complexity and legacy support can defeat that guarantee when servers are hostile. The findings are relevant to security teams, consumers and anyone relying on third-party vaults for credentials.

Why should I read this?

Short and blunt: if you use a password manager (most people do), this matters to you. The article explains why “zero-knowledge” isn’t an absolute shield when vendors keep old crypto or their servers get taken over. Read it to know whether your provider has fixed issues, to update clients, and to weigh migration options.

Author note

Punchy: this is a wake-up call. Widely used tools may not keep secrets safe if a vendor’s servers are malicious or hacked. The researchers’ work should force clearer threat models and faster crypto upgrades across the industry.

Source

Source: https://go.theregister.com/feed/www.theregister.com/2026/02/16/password_managers/