Password managers' zero-knowledge claims fail when servers are compromised

Source: Biz & IT - Ars Technica

Password managers have moved from niche tools to widespread use, storing not only passwords but cryptocurrency credentials, payment card numbers, and other sensitive data. Major vendors market a “zero knowledge” design that purports to prevent anyone — including the vendor or an attacker who gains control of cloud infrastructure — from reading users’ vaults.

Bitwarden, Dashlane, and LastPass all make such assurances to their combined tens of millions of users. New research that reverse-engineered and closely analyzed those three products shows the guarantees are not absolute when certain features are enabled. Researchers from ETH Zurich and USI Lugano found ways that an administrator or a server-level attacker can read, or even modify, vault contents.

The researchers said the flaws are numerous but mostly not deeply technical, and they noted that other password managers (1Password was the one named publicly) may share similar weaknesses. Several of the attacks exploit key-escrow and account-recovery flows.
