Skip to main content

Ad

technology-iconTechnology
clock-iconPUBLISHEDFebruary 20, 2026
share55

Your Password Manager May Not Be As Secure As You Thought

Cryptography researchers have found ways to access data from a number of password managers, but it might not be time to switch just yet.

Tom Leslie headshot

Tom Leslie

Tom Leslie headshot

Tom Leslie

Editor & Staff Writer

Tom has a master’s degree in biochemistry from the University of Oxford and his interests range from immunology and microscopy to the philosophy of science.

Editor & Staff Writer

Tom has a master’s degree in biochemistry from the University of Oxford and his interests range from immunology and microscopy to the philosophy of science.View full profile

Tom has a master’s degree in biochemistry from the University of Oxford and his interests range from immunology and microscopy to the philosophy of science.

View full profile
EditedbyLaura Simmons
Laura Simmons headshot

Laura Simmons

Health & Medicine Editor

Laura holds a Master's in Experimental Neuroscience and a Bachelor's in Biology from Imperial College London. Her areas of expertise include health, medicine, psychology, and neuroscience.

The screen of a tablet showing login information.

Password managers make big claims about the security of their services, but do they hold up?

Image credit: Mohamed_hassan/Pixabay


Researchers have stress tested four popular cloud-based password managers and uncovered vulnerabilities that could allow a hacker to access users’ log-in data.

Passwords need to be different, hard to guess, and complex enough that a hacker can’t blast past them. Yet we are increasingly expected to handle vast numbers of them just to access the online services we want to use, potentially leaving us vulnerable to hackers.

Indeed, a 2024 survey by NordPass found that the average person has around 160 online passwords, meaning that for most people it is simply impractical to remember them all.

Enter the password manager. These products offer to store and even generate all your passwords for you. They encrypt them, upload them to a cloud-based server, and secure them behind a single master password, so you only need to remember one string of letters, symbols and digits to access all the online services you might require from any of your devices.

Even if you’ve never heard the term before, you’ve probably used a password manager. When Google Chrome or Apple’s Safari ask to remember your log-in information, that was password management. And many companies besides these have sprung up to offer this service.

But new research from ETH Zurich and the University of Lugano suggests these systems’ security isn’t as watertight as users might think.

In their study, the researchers assumed a scenario in which a password manager’s servers were entirely compromised by a malicious actor, meaning they can send whatever requests they want to a user’s computer. This is a harder challenge than has previously been considered in research on password managers, and the researchers justify it primarily because of the marketing many of these companies use, which emphasizes a concept called zero knowledge encryption.

Zero knowledge encryption has no formal definition, but the researchers believe it conveys the idea that the server storing a user’s passwords cannot learn anything about the user’s encrypted data – even if it is compromised.

That would seem to align with reassurances on some of these companies’ websites. Bitwarden, for example, tells users that "not even the team at Bitwarden can read your data (even if we wanted to)", while LastPass promised that "no one has access to your master password [...] or the data stored in your LastPass vault, except you".

The researchers probed the systems behind LastPass and Bitwarden, as well as Dashlane and 1Password, which together serve more than 60 million users and hold roughly a quarter of the password manager market. Apple and Google hold 55 per cent, but the researchers opted not to investigate them due to potential conflicts of interest.

The team found 27 distinct ways in which a malicious or compromised server could break into users’ password stores, which are known in the industry as vaults. In the most serious cases, an attacker could compromise all of an organization’s vaults. Not all password managers were equally susceptible, however, and they have since each published responses to the research, patching or at least acknowledging a number of the issues that were raised (here's LastPass's, BitWarden's, 1Password's, and Dashlane's).

Senior author Professor Kenneth Paterson at the Applied Cryptography Group at ETH Zurich told IFLScience that many of the weaknesses his team identified were enabled by features designed to make password managers more flexible and collaborative. “These kinds of attacks are possible because they added all of these sharing features,” he said.

They say we're zero-knowledge, we're end-to-end encrypted, we couldn't even look at your data if we tried. And it turns out that they could.

Professor Kenneth Paterson

Such features typically rely on public key cryptography, where one user requests another’s public key from the server to encrypt data for them. Under the researchers’ threat model, a malicious server could instead supply its own key. “There’s no way that you can tell,” Paterson explained. “I would be encrypting my vault, or more accurately, a key that's used to encrypt the vault, to a public key, which enables the server to decrypt it. And that's it, game over."

In secure messaging services that also use end-to-end encryption, this problem has been mitigated to some extent with “safety numbers”. In Paterson’s view, password managers are 10 years behind secure messengers in terms of addressing this issue. Given the difficulty for users to assess these services’ security through using them, he describes it as “a market for lemons”, an economic concept in which buyers of a product have less information than sellers.

"These companies advertise X, but they deliver Y, where Y is much less than X," Paterson told IFLScience. "They say we're zero-knowledge, we're end-to-end encrypted, we couldn't even look at your data if we tried. And it turns out that they could."

Time to abandon ship?

IFLScience contacted each provider to ask whether they agreed with this perceived gap between their marketing claims and what the research concluded.

The Bitwarden team argued that its marketing describes the way the system is intended to work, and that the research evaluates a different scenario entirely. It said the research does not show that Bitwarden can read vault contents “under the system’s intended operating model”.

Ruzanna Tantushyan, Senior Public Relations Manager at LastPass, also emphasized the hypothetical nature of the researchers' scenario, saying that it requires an attacker to fully compromise LastPass's servers – a situation she said the company has "invested millions of dollars" to protect against.

A response from a 1Password spokesperson further echoed this point, stressing that the attacks described in the paper would not have been possible under a traditional data breach. They also noted that even under the researchers' threat model, previously stored data at 1Password would not be at risk, and any exposure would be “limited to data encrypted after a key substitution event such as the final stages of an account recovery or when a vault is shared with an individual".

When presented with the contents of a whitepaper accessed by IFLScience, which stated that malicious actors "can't steal the information, even if Dashlane's servers are compromised", Jordan Fylonenko, Senior Director of Corporate Communications at Dashlane, said the company had recently updated its Security Principles and Architecture paper, and the whitepaper in question had been left up in error.

The whitepaper has since been removed, and the updated paper uses softer language, stating that "[e]ven if Dashlane's infrastructure is compromised, attackers should not be able to access stored credentials or secrets”.

Responding to the research, Lujo Bauer, a computer security and privacy researcher at Carnegie Mellon University who was not involved in the study, told IFLScience that a scenario where an attacker has complete control over a password manager’s servers is indeed a high bar to clear, but he agrees with the paper’s authors that it isn’t a “completely unreasonable assumption”.

“While it's true that some risks can't be completely mitigated, the paper points out others that can be,” he said.

“One of the password managers in question is also the one I use. I read their response, and I wish they had done more to acknowledge that there are things they should be able to fix. But at the same time, unless there are new developments, I don't plan to change how I store my passwords, because it's not clear that any even moderately convenient alternatives to using a cloud-based password manager are safer.”

The peer-reviewed research is available online as an eprint and is set to appear at the 2026 USENIX Security conference.

This article was amended to clarify why the researchers chose not to investigate Apple and Google.


Written by 

Add us as a Google preferred source to see more of our
trusted coverage in Search