Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 14 submissions in the queue.
posted by cmn32480 on Thursday February 21 2019, @09:48AM   Printer-friendly
from the *********** dept.

A security consulting firm released a report on the safety of password managers. A non-geek, summarized version is also available at the Washington Post. (Summarized graphic of results.)

The password managers included in the study were 1Password 4, 1Password 7, Dashlane, KeePass, LastPass. Unfortunately, the testing was limited to Win10 even if the password managers were available on other platforms. They all had some flaws, but as reported, you should still use one. They were all tested for encryption method on the database, accessibility of the master password and keys in memory while unlocked, and the master password and keys in memory while locked.

All were evaluated to have adequate encryption on the file. 1Password 4 (which actually had better memory security than 1Password 7,) was best at keeping individual passwords safe in memory; while KeePass was best at keeping the Master Password safe in the memory tests (although Dashlane did the same while it while in a locked state.)


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday February 21 2019, @04:26PM

    by Anonymous Coward on Thursday February 21 2019, @04:26PM (#804555)

    With the Intel Management Engine (ME), you can hide data from your own user space, but if the ME is compromised, then it does not matter how secure your OS and software is. The only safe bet is to store your passwords away from the CPU and RAM. This is what Mooltipass and Memtype do.