cross-posted from: https://infosec.pub/post/42164102
Researchers demo weaknesses affecting some of the most popular options Academics say they found a series of flaws affecting three popular password managers, all of which claim to protect user credentials in the event that their servers are compromised.…
Thats really disappointing. At least the selfhosted version means it would have to be a heavily targeted attack.
I don’t think it should be disappointing. Bitwarden welcomes third party security testing, especially given it is open source. The tests done were just tests, and the issues were already fixed.
Yeah, after seeing their response I’m quite satisfied. They’re one of the good guys and I hope it stays that way.