Cybersecurity has become one of the largest growing fields in computer science and the technology industry. Faulty security has cost the global economy immense losses. Oftentimes, the pitfall in such financial loss is due to the security of passwords. Companies and regular people alike do not do enough to enforce strict password guidelines like the NIST (National Institute of Standard Technology) recommends. When big security breaches happen, thousands to millions of passwords can be exposed and stored into files, meaning people are susceptible to dictionary and rainbow table attacks. Those are only two examples of attacks that are used to crack passwords. In this paper, we will be going over three open-source password managers, each chosen for their own uniqueness. Our results will conclude on the overall security of each password manager using a list of established attacks and development of new potential attacks on such software. Additionally, we will compare our research with the limited research already conducted on password managers. Finally, we will provide some general guidelines of how to develop a better and more secure password manager.
© 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. doi: 10.1109/PDCAT.2017.00013
Luevanos, Carlos; Elizarraras, John; Hirschi, Khai; and Yeh, Jyh-Haw. (2017). "Analysis on the Security and Use of Password Managers". 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT 2017): Proceedings, .