Recent research from ETH Zurich has exposed significant weaknesses in three prominent cloud-based password managers: Bitwarden, LastPass, and Dashlane. The study describes 25 vulnerabilities that, against a malicious or compromised server, could allow unauthorized access to users' stored passwords and vault data, putting over 60 million users worldwide at risk.
Understanding the Vulnerabilities
The researchers analysed the client-server interactions of these password managers under a fully malicious server threat model, in which the service's own infrastructure is assumed to be under the attacker's control. All three services advertise 'zero-knowledge encryption', meaning the server should never be able to read plaintext vault data, yet the study documents several ways in which such a server can break both the confidentiality and the integrity of that data.
The identified attacks fall into four categories: weaknesses in key escrow mechanisms, flaws in item-level vault encryption, abuse of sharing features, and vulnerabilities introduced by backward compatibility with legacy formats. In each case a malicious server can undermine guarantees that the zero-knowledge design is meant to provide, in the worst case compromising a user's entire vault.
Detailed Analysis of the Flaws
Key escrow attacks target account recovery and Single Sign-On (SSO) mechanisms and can lead to full vault compromise. In Bitwarden, for instance, the keys used in the auto-enrollment and key rotation flows are not authenticated: because the client accepts a key supplied by the server without verifying whose it is, a malicious server can substitute a key of its own and obtain a copy of the material needed to decrypt the vault. LastPass's password reset process is vulnerable in a similar way.
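The following Go program is an added illustration of the generic failure mode just described, not code from the paper or from any of the three vendors. It models an escrow enrollment in which the server hands the client the public key that the vault key should be wrapped to. The weak client wraps to whatever key arrives, so a malicious server can substitute its own key and later recover the vault key; the hardened client only wraps after checking a signature over the escrow key made by an authority key it already holds. The use of RSA-OAEP for wrapping, ed25519 for the signature, and a pinned authority key are illustrative choices, and how that pinned key reaches the client out of band (for example a fingerprint the user verifies) is assumed rather than shown.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// EscrowOffer is what the (untrusted) server hands the client during enrollment:
// the public key to wrap the vault key to, plus an optional signature by an
// authority whose public key the client obtained independently of the server.
type EscrowOffer struct {
	PubKeyDER []byte // SPKI DER encoding of the escrow RSA public key
	Sig       []byte // ed25519 signature over escrowSigContext || PubKeyDER
}

const escrowSigContext = "vault-escrow-key-v1:" // illustrative domain separator

var oaepLabel = []byte("vault-key-escrow") // illustrative OAEP label

func parseRSAPublic(der []byte) (*rsa.PublicKey, error) {
	pub, err := x509.ParsePKIXPublicKey(der)
	if err != nil {
		return nil, err
	}
	rsaPub, ok := pub.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("escrow key is not RSA")
	}
	return rsaPub, nil
}

// MakeOffer builds an offer for pub. A nil authority yields an unsigned offer,
// which is exactly what a rogue server can produce for a key of its own.
func MakeOffer(pub *rsa.PublicKey, authority ed25519.PrivateKey) (EscrowOffer, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return EscrowOffer{}, err
	}
	var sig []byte
	if authority != nil {
		sig = ed25519.Sign(authority, append([]byte(escrowSigContext), der...))
	}
	return EscrowOffer{PubKeyDER: der, Sig: sig}, nil
}

func wrap(vaultKey []byte, pub *rsa.PublicKey) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, vaultKey, oaepLabel)
}

// WrapVaultKeyUnauthenticated is the weak client: it escrows to any key the server sends.
func WrapVaultKeyUnauthenticated(vaultKey []byte, offer EscrowOffer) ([]byte, error) {
	pub, err := parseRSAPublic(offer.PubKeyDER)
	if err != nil {
		return nil, err
	}
	return wrap(vaultKey, pub)
}

// WrapVaultKeyAuthenticated refuses to escrow unless the key is signed by the pinned authority.
func WrapVaultKeyAuthenticated(vaultKey []byte, offer EscrowOffer, pinned ed25519.PublicKey) ([]byte, error) {
	msg := append([]byte(escrowSigContext), offer.PubKeyDER...)
	if !ed25519.Verify(pinned, msg, offer.Sig) {
		return nil, errors.New("escrow key not authenticated by pinned authority; refusing to enroll")
	}
	pub, err := parseRSAPublic(offer.PubKeyDER)
	if err != nil {
		return nil, err
	}
	return wrap(vaultKey, pub)
}

// Unwrap is what the holder of the escrow private key does at recovery time.
func Unwrap(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, oaepLabel)
}

func main() {
	vaultKey := make([]byte, 32) // constructed demo key
	if _, err := rand.Read(vaultKey); err != nil {
		panic(err)
	}
	org, _ := rsa.GenerateKey(rand.Reader, 2048)
	attacker, _ := rsa.GenerateKey(rand.Reader, 2048)
	authorityPub, authorityPriv, _ := ed25519.GenerateKey(rand.Reader)

	legit, _ := MakeOffer(&org.PublicKey, authorityPriv)
	rogue, _ := MakeOffer(&attacker.PublicKey, nil) // server swaps in its own key

	if w, err := WrapVaultKeyUnauthenticated(vaultKey, rogue); err == nil {
		k, _ := Unwrap(attacker, w)
		fmt.Println("weak client: attacker recovers vault key:", bytes.Equal(k, vaultKey))
	}
	_, err := WrapVaultKeyAuthenticated(vaultKey, rogue, authorityPub)
	fmt.Println("hardened client rejects rogue key:", err != nil)
	_, err = WrapVaultKeyAuthenticated(vaultKey, legit, authorityPub)
	fmt.Println("hardened client accepts signed key:", err == nil)
}
```

The point is not the particular primitives but where trust comes from: if the only source of the escrow public key is the server, then under this threat model the server chooses who can recover the vault. The check must anchor the key to something the server does not control.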
Item-level encryption flaws lead to loss of data integrity, exposure of metadata, and opportunities for brute-force attacks. Bitwarden and Dashlane in particular are affected by field swapping, in which the server rearranges individually encrypted fields because each ciphertext is not bound to the item and field it belongs to, and by decryption of sensitive metadata; both weaken their security posture.
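To make the field-swapping problem concrete, here is an added Go example (not code from the paper or any vendor) that encrypts vault fields with AES-GCM in two ways. In the unbound variant each field is sealed on its own with no associated data, so a server that cannot read anything can still move the ciphertext of the password into the URL slot and the client decrypts it there without complaint. In the bound variant the item ID and field name are passed as associated data, so the same manoeuvre fails authentication. The item layout, field names and the specific binding format are assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Item models one vault entry. Every field is encrypted separately, as the
// article describes; the server stores only the ciphertext blobs.
type Item struct {
	ID     string
	Fields map[string][]byte // field name -> nonce || AES-GCM ciphertext
}

func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead
}

// seal encrypts one field; aad is authenticated by the tag but not encrypted.
func seal(key, aad []byte, plaintext string) []byte {
	aead := newGCM(key)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return append(nonce, aead.Seal(nil, nonce, []byte(plaintext), aad)...)
}

func open(key, aad, blob []byte) (string, error) {
	aead := newGCM(key)
	ns := aead.NonceSize()
	if len(blob) < ns {
		return "", errors.New("ciphertext too short")
	}
	pt, err := aead.Open(nil, blob[:ns], blob[ns:], aad)
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// bindingAAD ties a ciphertext to the item and field it belongs to (assumed format).
func bindingAAD(itemID, field string) []byte {
	return []byte(itemID + "\x00" + field)
}

// EncryptItem seals each field. With bind=false the fields are unbound (the
// weak pattern): any blob decrypts correctly under any field name of any item.
// With bind=true the item ID and field name are authenticated as AAD.
func EncryptItem(key []byte, id string, fields map[string]string, bind bool) Item {
	it := Item{ID: id, Fields: make(map[string][]byte, len(fields))}
	for name, value := range fields {
		var aad []byte
		if bind {
			aad = bindingAAD(id, name)
		}
		it.Fields[name] = seal(key, aad, value)
	}
	return it
}

// DecryptField mirrors EncryptItem; a bound blob moved to another slot fails to authenticate.
func DecryptField(key []byte, it Item, name string, bind bool) (string, error) {
	blob, ok := it.Fields[name]
	if !ok {
		return "", fmt.Errorf("no field %q", name)
	}
	var aad []byte
	if bind {
		aad = bindingAAD(it.ID, name)
	}
	return open(key, aad, blob)
}

// SwapFields is the malicious server's move: it cannot read the blobs, but it
// can rearrange them before the next sync.
func SwapFields(it *Item, a, b string) {
	it.Fields[a], it.Fields[b] = it.Fields[b], it.Fields[a]
}

func main() {
	key := make([]byte, 32) // constructed demo key; a real vault key is derived from the master password
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	fields := map[string]string{"url": "https://bank.example", "password": "hunter2"} // constructed sample item

	for _, bind := range []bool{false, true} {
		it := EncryptItem(key, "item-1", fields, bind)
		SwapFields(&it, "url", "password")
		url, err := DecryptField(key, it, "url", bind)
		fmt.Printf("bound=%v url=%q err=%v\n", bind, url, err)
	}
}
```

Why this matters: a field the client treats as non-secret (a URL used for autofill matching, a name shown in a list) may be rendered, logged or sent back to the server in plaintext, so swapping a secret into that slot turns an integrity failure into a confidentiality one. Binding the item ID and field name as associated data costs nothing in ciphertext size and closes both the within-item and the cross-item variants.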
Impact and Mitigation Strategies
These vulnerabilities are particularly alarming because they typically require minimal user interaction to exploit, such as a single login or a routine vault synchronization. The researchers disclosed their findings responsibly to the vendors, urging them to release fixes and revise their protocols.
Bitwarden, LastPass, and Dashlane have started implementing fixes, including stronger key separation and the removal of insecure legacy encryption formats. Users are advised to keep their client software updated, use per-item keys where the product offers them, and follow the vendors' security advisories to protect their data.
The study underscores the need for password managers to adopt formal security models like those used for end-to-end encrypted cloud storage, so that the guarantees they advertise are precisely stated and can be checked against the protocol. As threats evolve, maintaining robust and up-to-date security measures becomes ever more crucial.
