Security Analysis of Some Password Managers

There are a bunch of password managers using master password to protect data, but not all of them meet the requirements of the second generation, even though some of them claiming military grade encryption.

The security design of most password managers have not been published. I can only have a chance of close look from limited public information. Let's checkout the report from TeamSIK who did a great job to help password managers improve their design and implementation in 2016. It is concluded that some of them did not qualify as the second generation at that time. Since the report was years ago and all the vulnerabilities in the report have been fixed, it does not mean those password managers do not meet or surpass the requirements of the second generation now.

Back to The Evolution of Password Manager (2/4)