#dashlane — Public Fediverse posts

this concludes my reading of https://eprint.iacr.org/2026/058

what a paper. warmly recommended to read.

#crypto #passwordmanagers #bitwarden #lastpass #dashlane

14/n

Password managers don’t protect secrets if pwned. You probably can't trust your password manager if it's compromised.
.

#bitwarden #cryptography #dashlane #encryption #lastpass #password

https://www.theregister.com/2026/02/16/password_managers/

[en] Serious security vulnerabilities in cloud-based password managers : #Bitwarden, #Lastpass, #Dashlane

The research team of Prof. Paterson found cryptographic technologies from the 90s. "We were surprised by the severity of the security vulnerabilities".

In most cases, the researchers were able to gain access to the passwords – and even make changes to them.

https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html

Aside from this research paper, recommended password managers often include #KeePassXC and/or #KeePassDX for Android or #KeePassium for iOS. Also, it's usually a good idea to store only accounts and passwords that are really necessary on the go, especially on mobile devices.

#password #passwordmanager #cloudbased #security #ictsecurity #securityvulnerability #ethz

[en] Serious security vulnerabilities in cloud-based password managers : #Bitwarden, #Lastpass, #Dashlane

The research team of Prof. Paterson found cryptographic technologies from the 90s. "We were surprised by the severity of the security vulnerabilities".

In most cases, the researchers were able to gain access to the passwords – and even make changes to them.

https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html

Aside from this research paper, recommended password managers often include #KeePassXC and/or #KeePassDX for Android or #KeePassium for iOS. Also, it's usually a good idea to store only accounts and passwords that are really necessary on the go, especially on mobile devices.

#password #passwordmanager #cloudbased #security #ictsecurity #securityvulnerability #ethz

[de] Cloudbasierte Passwortmanager mit gravierenden Sicherheitslücken: #Bitwarden, #Lastpass, #Dashlane

Vernichtende Feststellung: "kryptographische Technologien aus den 90er-Jahren". Dem Team um Prof. Paterson war es offenbar recht einfach möglich, "Zugang zu den Passwörtern verschaffen – und diese sogar [zu] manipulieren".

https://ethz.ch/de/news-und-veranstaltungen/eth-news/news/2026/02/passwortmanager-bieten-weniger-schutz-als-versprochen.html

Ausserhalb dieses Berichts wird u. a. oft #KeePassXC und/oder #KeePassDX für Android oder #KeePassium für iOS empfohlen mit der zusätzlichen Empfehlung, gerade auf mobilen Geräten nur diejenigen Konti/Passwörter zu speichern, die unterwegs wirklich dabei sein müssen.

#passwort #passwortmanager #cloudbasiert #sicherheit #ictsicherheit #sicherheitsluecken #ethz

@_DigitalWriter_ @chfkch @wrzlbrmpft Wenn wir von #E2E-Verschlüsselung sprechen, dann hat das nicht nur mit einer DB zu tun.

E2E beginnt beim Client & endet beim Client. Das betrifft also alles(!) dazwischen: Übertragung, Verarbeitung, Speicherung, ...

Insofern ein realistisches Angriffsszenario, gerade wenn es um Passwörter geht. Was ist denn noch sensibler als das?

Wir kennen auch die diverse Gesetzgebung, wo Betreiber von (US-)Services gezwungen werden, gegen die Interessen der Kund:innen zu agieren:
https://www.kuketz-blog.de/jenseits-der-grenzen-ueberblick-ueber-das-us-geheimdienstrecht/

Und dort werden dann die weltbesten staatlichen Hacker aktiv. Mit allen denkbaren technischen Mitteln.

Insofern: wer tatsächlich #Passwörter in eine #Cloud schickt (IMO wegen der Alternativen eine unnötig dumme Idee aber OK), der soll dann auch von einer funktionierenden E2E-Verschlüsselung ausgehen dürfen.

Alles andere ist sich ins die Tasche lügen. 🤷

Ad Cloud: https://karl-voit.at/cloud/

#Lastpass #1Pass #Bitwarden #Dashlane #Passwort #Passwortmanager

This is a great paper on the risks of malicious servers when using password managers: https://zkae.io/. I understood about 2% of it.

You have to dig down in the paper to see that there was pretty good engagement from the password manager developers, once contact was established. That's encouraging, particularly in the light of recent reputational damage suffered by LastPass, and doubts about its future under private equity ownership.

#crypto #passwordmanager #lastpass #dashlane #bitwarden #1password

Popular password managers fall short of “zero-knowledge” claims

https://cyberinsider.com/popular-password-managers-fall-short-of-zero-knowledge-claims/

#Bitwarden #LastPass #Dashlane #cybersecurity #PasswordManager

Here's an english link. https://www.swissinfo.ch/eng/various/researchers-find-major-security-gaps-in-password-managers/90951851 #1password

#enpass
#Bitwarden
#lastpass
#dashlane
#itsecurity
#datasafety
#passwordmanager
#unsafe

This is, why I hate it when I am forced to "share" the keys to my castles via the cloud of password-managers like 1Password. Most local (WiFi) sync suck, or simply are dysfunctional (yes, 1Password, looking at you!). You have to trust them to encrypt the vaults adequately, which in three cases has ben shown not to be safe at all. https://ethz.ch/de/news-und-veranstaltungen/eth-news/news/2026/02/passwortmanager-bieten-weniger-schutz-als-versprochen.html #1password #enpass #Bitwarden #lastpass #dashlane #itsecurity #datasafety #passwordmanager #unsafe

ETH-Forschende enthüllen gravierende Schwachstellen bei #Passwortmanager! 🚨

Eine neue Studie aus der Schweiz zeigt, dass gängige Anbieter ihr Sicherheitsversprechen nicht halten. «Wir waren überrascht, wie gross die Sicherheitslücken sind», sagt ein Professor.

Betroffen sind #Bitwarden, #Dashlane und #Lastpass. Mehr Infos:

https://www.tagesanzeiger.ch/eth-zuerich-passwortmanager-bitwarden-und-lastpass-unsicher-544252726718

#passwordsecurity #sicherheitslücke #dataprotection #datenschutz #cybersecurity

ETH-Forschende enthüllen gravierende Schwachstellen bei #Passwortmanager! 🚨

Eine neue Studie aus der Schweiz zeigt, dass gängige Anbieter ihr Sicherheitsversprechen nicht halten. «Wir waren überrascht, wie gross die Sicherheitslücken sind», sagt ein Professor.

Betroffen sind #Bitwarden, #Dashlane und #Lastpass. Mehr Infos:

https://www.tagesanzeiger.ch/eth-zuerich-passwortmanager-bitwarden-und-lastpass-unsicher-544252726718

#passwordsecurity #sicherheitslücke #dataprotection #datenschutz #cybersecurity

Vorsicht bei Passwortmanagern!

Eiskalt erwischt hat es gerade #Bitwarden, #Lastpass und #Dashlane - mit gemeinsam immerhin 23% Marktanteil.

#ethz #sicherheit

https://ethz.ch/de/news-und-veranstaltungen/eth-news/news/2026/02/passwortmanager-bieten-weniger-schutz-als-versprochen.html

Well #PasswordManagers were not as secure as we all thought.
All Password Managers that use a browser add-on/plugin for auto-fill functionality are susceptible to #ClickJacking security vulnerabilities that could be exploited to steal account credentials.
It works on all of them:
#LastPass
#Bitwarden
#iCloudPasswords
#Enpass
#1Password
#NordPass
#ProtonPass
#Keeper
#Dashlane
& yes even the one I use #KeePassXC
Some have pushed out updates.

More info: https://marektoth.com/blog/dom-based-extension-clickjacking/

#CyberSecurityNews

Passwortmanager sind angreifbar. Das fand Marek Tóth heraus und berichtete darüber auf der #DefCon33:
https://marektoth.com/blog/dom-based-extension-clickjacking/
Die von Tóth aufgedeckten Schwachstellen ermöglichen es Hackern, sensible Daten aus Passwort-Managern zu stehlen, darunter Kreditkartendaten, Namen, Adressen und Telefonnummern, wenn ein Opfer eine bösartige Website besucht. Darüber hinaus können Hacker, wenn eine anfällige Website, auf der Ihre Passwort-Manager-Anmeldedaten gespeichert sind, eine Cross-Site-Scripting-Schwachstelle (XSS) oder eine Subdomain-Übernahme aufweist, diese ausnutzen, um Anmeldedaten (Benutzernamen und Passwörter), 2FA-Codes und Passkeys zu stehlen.
Nach Updates gelten inzwischen folgende Passwortmanager als sicher: #Bitwarden #Dashlane, #Keeper, #NordPass, #ProtonPass & #RoboForm.

#infosec #passwortmanager #2FA#security #privacy #BeDiS

Weekly output: wireless-service satisfaction, ransomware survey, Dashlane report, Verizon fee increases, drone policy

I had one work event on my calendar this week that I don’t think rates as an appearance worth listing here, since I got roped into it at the last minute. I’d put the Internet Law & Policy Foundry’s tech-law trivia contest on my schedule Wednesday thinking it would be fun to watch, but then one of the contestants asked if I’d like to join their team–and we finished in third place. This was one of the first public trivia contests I’d joined since 1987, when I was a member of the high school team that won a New Jersey state championship, and it’s nice to see that I still have it or at least some of it.

This coming week has me traveling for work for the first time since the middle of June and to an event that first landed on my travel calendar in 2018: I’m headed to Las Vegas for the Black Hat information-security conference. The trip doesn’t include the DEF CON infosec conference that follows Black Hat, and on Patreon I explained why I opted out of that and feel a little guilty about it.

7/31/2025: People Like Wireless Service Best When It Doesn’t Involve the Big 3 Carriers, PCMag

The gap betweeen J.D. Power’s customer-satisfaction stats for the big three wireless carriers and that firm’s metrics for companies reselling the networks of AT&T, T-Mobile and Verizon caught my eye.

8/1/2025: Ransomware Victims Are Still Paying Up, Some More Than Once, PCMag

This survey published by the security firm Semperis got an unfortunate news peg when the Trump administration rescinded the West Point department-chair appointment of one of the report’s expert contributors, former Cybersecurity & Infrastructure Security Administration head Jen Easterly.

8/1/2025: This Password Manager Caught Some of Its Own Employees Not Using Its Product, PCMag

Dashlane’s PR folks offered me this story ahead of time. Since I have always found the fallible-human element of information security to be fascinating, I accepted the offer, and then my editors concurred.

8/1/2025: Months After Freezing Wireless Rates But Not Fees, Verizon Slips in a Fee Increase, PCMag

One of my colleagues brought this to my attention, and I was happy to set aside some time Friday morning to cover it.

8/2/2025: The Drone Industry Can’t Wait for This One Federal Regulation to Take Off, PCMag

I spent Tuesday and Wednesday at Nationals Park to cover a drone-policy conference hosted there by the trade group AUVSI, but I didn’t get around to writing it until Thursday night.

#AUVSI #BlackHat #ConsumerCellular #Dashlane #droneDelivery #drones #finePrint #JDPower #junkFees #NationalsPark #NatsPark #passwordManager #ransomware #Semperis #verizon #Vz #wirelessServices

Infosec products of the month: June 2025 https://www.helpnetsecurity.com/2025/06/27/infosec-products-of-the-month-june-2025/ #BarracudaNetworks #ContrastSecurity #EmbedSecurity #Malwarebytes #StellarCyber #Bitdefender #SpecterOps #StackHawk #AttackIQ #Cymulate #Dashlane #Fortanix #Fortinet #Varonis #Akamai #Lemony #Sumsub #Thales #BigID #Jumio #Tines #Vanta #News

Infosec products of the month: October 2024 https://www.helpnetsecurity.com/2024/11/01/infosec-products-of-the-month-october-2024/ #NucleusSecurity #LegitSecurity #VeeamSoftware #SAFESecurity #DataTheorem #GitGuardian #BreachLock #SECURITIai #Commvault #Dashlane #ExtraHop #Frontegg #Action1 #Metomic #Nametag #Sectigo #XMCyber #Balbix #Fastly #Ivanti #Kusari #Qualys #Rubrik #Edgio #Jumio #News #Neon #Okta #IBM

Infosec products of the month: October 2024 https://www.helpnetsecurity.com/2024/11/01/infosec-products-of-the-month-october-2024/ #NucleusSecurity #LegitSecurity #VeeamSoftware #SAFESecurity #DataTheorem #GitGuardian #BreachLock #SECURITIai #Commvault #Dashlane #ExtraHop #Frontegg #Action1 #Metomic #Nametag #Sectigo #XMCyber #Balbix #Fastly #Ivanti #Kusari #Qualys #Rubrik #Edgio #Jumio #News #Neon #Okta #IBM

Infosec products of the month: October 2024 https://www.helpnetsecurity.com/2024/11/01/infosec-products-of-the-month-october-2024/ #NucleusSecurity #LegitSecurity #VeeamSoftware #SAFESecurity #DataTheorem #GitGuardian #BreachLock #SECURITIai #Commvault #Dashlane #ExtraHop #Frontegg #Action1 #Metomic #Nametag #Sectigo #XMCyber #Balbix #Fastly #Ivanti #Kusari #Qualys #Rubrik #Edgio #Jumio #News #Neon #Okta #IBM

Infosec products of the month: October 2024 https://www.helpnetsecurity.com/2024/11/01/infosec-products-of-the-month-october-2024/ #NucleusSecurity #LegitSecurity #VeeamSoftware #SAFESecurity #DataTheorem #GitGuardian #BreachLock #SECURITIai #Commvault #Dashlane #ExtraHop #Frontegg #Action1 #Metomic #Nametag #Sectigo #XMCyber #Balbix #Fastly #Ivanti #Kusari #Qualys #Rubrik #Edgio #Jumio #News #Neon #Okta #IBM

Infosec products of the month: May 2024 https://www.helpnetsecurity.com/2024/06/03/infosec-products-of-the-month-may-2024/ #SecureCodeWarrior #AbnormalSecurity #AdaptiveShield #Cybersixgill #ManageEngine #SentinelOne #StrikeGraph #AuditBoard #Forcepoint #Proofpoint #Truecaller #Detectify #Eclypsium #SumoLogic #CyberArk #Dashlane #ExtraHop #OneTrust #PlexTrac #Synopsys #Appdome #Cranium #Datadog #FireMon #Trellix #Splunk #Calix #OWASP #News #Snyk

World Password Day: Top 10 Password Managers for Ultimate Digital Safety https://thecyberexpress.com/top-password-managers-for-digital-safety/ #GooglePasswordManager #TheCyberExpressNews #PasswordManagers #WorldPasswordDay #TheCyberExpress #FirewallDaily #1Password #Bitwarden #LogMeOnce #ZohoVault #Features #Dashlane #NordPass #RoboForm #Enpass #Keeper

5 Best Password Managers for Android in 2024 – Source: www.techrepublic.com https://ciso2ciso.com/5-best-password-managers-for-android-in-2024-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #SecurityonTechRepublic #SecurityTechRepublic #CyberSecurityNews #passwordmanager #CloudSecurity #1Password #Bitwarden #Dashlane #NordPass #Security #Android #Keeper

Proton Pass permet désormais de partager un mot de passe en toute sécurité.

On vous explique comment ça marche.

#Proton #1Password #LastPass #Dashlane #NordPass #password #opensource #Suisse

https://lsdm.live/modules/news/article.php?storyid=4565

¿#Compartes #contraseñas ?
Trata de usar un gestor de contraseñas para que la otra persona pueda usarla sin llegar a verla.

El #gestor de #contraseñas que recomiendo es #Dashlane (enlace de #referido): https://www.dashlane.com/es/cs/kdFRRQooWPqw

Si tienes que entregar la contraseña, aquí tienes algunos consejos:
https://hipertextual.com/2022/11/compartir-contrasenas-seguridad