Security news aggregator

Latest coverage for Password Manager

Password managers store and generate credentials, helping reduce password reuse while creating security risks if a vault or master key is compromised.

55 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Password managers are applications or services that generate, store, and fill credentials from an encrypted vault. Access typically depends on a master password, sometimes supplemented by multi-factor authentication (MFA); this lets each account use a long, unique secret without requiring users to memorize it. Some also store passkeys, recovery codes, or other sensitive notes, making the vault a high-value asset.

Security depends on both cryptography and surrounding software: a compromised desktop client, browser extension, synchronization service, or malicious update could expose secrets, while a weak master password or unsafe recovery process can undermine the vault. Origin-aware autofill can reduce phishing exposure, but users should verify login domains and avoid importing or sharing credentials unnecessarily. Practitioners should examine encryption and key handling, MFA and recovery controls, update history, breach disclosure, logging, and enterprise offboarding and credential-rotation features.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 55

'Malicious Server Threat Model' Threatens 'Zero Knowledge Encryption' GuaranteesClaims by leading stand-alone password managers that their implementation of "zero knowledge encryption" means stored passwords can withstand the worst of hacker assaults are vastly overblown, say academic security researchers. They said vendors are in the process of patching the flaws they found.

Phishing campaign tries to reel in master passwords Password managers make great targets for attackers because they can hold many of the keys to your kingdom. Now, LastPass has warned customers about phishing emails claiming that action is required ahead of scheduled maintenance and told them not to fall for the scam. …

Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasizes practicality over feature overload, aiming to provide a reliable system for teams that already rely

Bank Info Security 7 months ago

UK ICO Fines LastPass Over 2022 Data Breach

Password Manager Must Pay 1.2M PoundsThe British data regulator imposed a fine of 1.2 million pounds against password manager LastPass over a 2022 data breach that exposed the data of millions of its customers. Unidentified hackers stole backup data from LastPass's Amazon Web Services S3 bucket.

Loading more headlines...