Exploitable flaws found in sample of cloud-based password managers.

euroinfosec@infosec.exchange

Exploitable flaws found in sample of cloud-based password managers. Researchers say the "malicious server threat model" threatens vendors' "zero knowledge encryption" guarantees. They hope to raise the security baseline being offered by cloud-based password managers, by "pushing their vendors to either improve security or make clearer statements about what security their systems actually provide, so that customers can judge (perhaps with the help of expert guides) whether the products meet their requirements or not."
https://www.databreachtoday.com/exploitable-flaws-found-in-cloud-based-password-managers-a-30770