Streaming Media

Document Type

Event

Start Date

23-4-2023 5:00 PM

Description

As the ubiquity of password managers has increased so too has the incentive for malicious actors to compromise them. This project’s purpose is to investigate password manager software for potential security vulnerabilities. The team chose, researched, and probed a popular password manager for weaknesses. Multiple attack vectors for cracking the security of the software were discovered. The most promising of these vectors were, one, the usage of malicious extensions for Internet browsers to circumvent the security of the password manager software which often interfaces with said browsers for user convenience, and two, the deployment of a malware disguised as an update for the password manager.

Share

COinS
 
Apr 23rd, 5:00 PM

UC-315 Cybersecurity Analysis of Password Managers

As the ubiquity of password managers has increased so too has the incentive for malicious actors to compromise them. This project’s purpose is to investigate password manager software for potential security vulnerabilities. The team chose, researched, and probed a popular password manager for weaknesses. Multiple attack vectors for cracking the security of the software were discovered. The most promising of these vectors were, one, the usage of malicious extensions for Internet browsers to circumvent the security of the password manager software which often interfaces with said browsers for user convenience, and two, the deployment of a malware disguised as an update for the password manager.