Car Hacking: More likely to be done by a mechanic than by a hacker
infosec

Car Hacking: More likely to be done by a mechanic than by a hacker

When we talk about car hacking, it comes to mind a hacker who gets remote access to the car system ...
Read More
infosec

Sri Lanka: Blocks access to social media

The government of Sri Lanka has temporarily blocked access to various social media services following deadly explosions that erupted ...
Read More
infosec tweaks

How to hack networks with Wi-Fi passwords

Probably you have a Wi-Fi network in your home or stay close to one (or more) that appears in ...
Read More
infosec tweaks

What is Social Engineering, what are its techniques and how to protect yourself?

Social Engineering is the term used for a wide range of malicious activities that are accomplished through human interactions. Uses the ...
Read More
infosec tweaks

Cryptocurrency: Ways to Enhance Your Privacy

Privacy and privacy on the internet are of great importance. It is not enough to take one or two measures to protect ...
Read More
Latest Posts

Are you secure with password managers on Android?

Fraunhofer Institute security researchers found serious security concerns in nine password managers for Android when they surveyed them for their research.

Password managers are popular applications used to store authentication information. All currently running applications promise secure storage locally (on your computer, or generally on the system that uses them) or web storage in a Cloud. Some applications come with both options.password managers

A recent study by the Fraunhofer Institute has analyzed nine password managers for Google's Android operating system. Researchers analyzed the following applications:

LastPass, 1Password, My Passwords, DashLane Password Manager, Informaticore's Password Manager, F-Secure Keys, Keepsafe, Keeper, and Avast Passwords.

Some of these have more than 50 millions of installations.

The group's conclusions were very worrying for users of these applications on the Android platform.

The survey revealed that password storage applications, despite their claims, do not provide adequate protection mechanisms, and sometimes abuse users' confidence by endangering them.

Three vulnerabilities were detected only in LastPass. The first is a hard-coded master key, the second reports data leaks through the browser, and finally a vulnerability that affects LastPass 4.0.x for Android and allows hackers to steal their primary saved password.

At least one vulnerability has been identified in each of the above-mentioned applications analyzed by the researchers. Apart from the three above mentioned and not only observed in LastPass, another case has been identified that by installing a simple utility, extracting passwords was a game.

You can read all vulnerabilities for each of the above applications from the following link:

https://team-sik.org/trent_portfolio/password-manager-apps/

Let's say some of these security gaps have already been repaired, while some others are still under development. This means you should be very careful if you use password managers on the Android platform.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *