Leo@lemmy.linuxuserspace.showM to Linux and Tech News@lemmy.linuxuserspace.showEnglish · 8 days agoMajor password managers can leak logins in clickjacking attackswww.bleepingcomputer.comexternal-linkmessage-square23fedilinkarrow-up131arrow-down10cross-posted to: [email protected]
arrow-up131arrow-down1external-linkMajor password managers can leak logins in clickjacking attackswww.bleepingcomputer.comLeo@lemmy.linuxuserspace.showM to Linux and Tech News@lemmy.linuxuserspace.showEnglish · 8 days agomessage-square23fedilinkcross-posted to: [email protected]
minus-squarehalcyoncmdr@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·edit-28 days agoThey tested 11 popular password managers, Keepass wasn’t one of them. So if it wasn’t even tested for attacks that nearly every other manager fails at least 1 aspect of, then you should assume it’s not safe either.
minus-squaregrue@lemmy.worldlinkfedilinkEnglisharrow-up4·8 days ago then you should assume it’s not safe either. Well, except that the method of exploit was involving the web browser plugin, which isn’t a thing Keepass does to begin with.
minus-squarearcterus@piefed.blahaj.zonelinkfedilinkEnglisharrow-up2·8 days agoThere is an extension, but it’s significantly simpler than the other providers.
They tested 11 popular password managers, Keepass wasn’t one of them.
So if it wasn’t even tested for attacks that nearly every other manager fails at least 1 aspect of, then you should assume it’s not safe either.
Well, except that the method of exploit was involving the web browser plugin, which isn’t a thing Keepass does to begin with.
There is an extension, but it’s significantly simpler than the other providers.