Document Type
Event
Start Date
23-4-2023 5:00 PM
Description
As the ubiquity of password managers has increased so too has the incentive for malicious actors to compromise them. This project’s purpose is to investigate password manager software for potential security vulnerabilities. The team chose, researched, and probed a popular password manager for weaknesses. Multiple attack vectors for cracking the security of the software were discovered. The most promising of these vectors were, one, the usage of malicious extensions for Internet browsers to circumvent the security of the password manager software which often interfaces with said browsers for user convenience, and two, the deployment of a malware disguised as an update for the password manager.
UC-315 Cybersecurity Analysis of Password Managers
As the ubiquity of password managers has increased so too has the incentive for malicious actors to compromise them. This project’s purpose is to investigate password manager software for potential security vulnerabilities. The team chose, researched, and probed a popular password manager for weaknesses. Multiple attack vectors for cracking the security of the software were discovered. The most promising of these vectors were, one, the usage of malicious extensions for Internet browsers to circumvent the security of the password manager software which often interfaces with said browsers for user convenience, and two, the deployment of a malware disguised as an update for the password manager.