Number of password managers on Android was insufficiently protected’

Mar

1

2017

A group of German security researchers called TeamSIK, presented a report containing an assessment of the security of nine popular password managers on Android. All nine password managers were defective, which have now been resolved.

The group of researchers working at the Fraunhofer Institute for Secure Information Technology in the German Darmstadt, has looked at the safety of nine password managers: My Passwords, Informaticore password manager, LastPass, Goalkeeper, F-Secure KEY, Dash Lane, Hide Pictures Keep Safe Vault Avast Passwords and 1Password. In each application, the researchers have discovered one or more vulnerabilities. It appears from the report of the research team.

The group found a number of serious vulnerabilities. For example, some password managers kept the chosen passwords in plaintext. Were also the encryption keys included in the programming code in some cases. This allows attackers could quite easily circumvent the security algorithm and access the user data. In other cases, the researchers were able to gain access via another app to all stored passwords. Also found that most password managers did not take seriously the problem of sniffing clipboard. Here, the authentication data is not removed from the Clipboard after they are copied to it.

The nine password managers were chosen based on the number of downloads in the Google Play Store. The research team calls the results very worrying. According to the researchers let their research shows that password managers, despite their claims to be very safe, stabbing drop in the protection of stored passwords.

Viewing:-59

In: Technology & Gadgets Asked By: [16532 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »