all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Bitwarden design flaw: Server side iterations

Add to bookmarks
Jan. 23, 2023, 10:57 a.m. |

Almost Secure palant.info

In the aftermath of the LastPass breach it became increasingly clear that LastPass didn’t protect their users as well as they should have. When people started looking for alternatives, two favorites emerged: 1Password and Bitwarden. But do these do a better job at protecting sensitive data?


For 1Password, this question could be answered fairly easily. The secret key functionality decreases usability, requiring the secret key to be moved to each new device used with the account. But the fact that …

1password aftermath bitwarden breach data design device flaw job key lastpass lastpass breach people protect protecting question secret secret key sensitive data server server side usability

Visit resource

More from palant.info / Almost Secure

Numerous vulnerabilities in Xunlei Accelerator application 1 month, 1 week ago | palant.info
accelerator application china chrome +10
Implementing a “Share on Mastodon” button for a blog 6 months ago | palant.info
articles blog button easier +11
A year after the disastrous breach, LastPass has not improved 7 months, 1 week ago | palant.info
attackers breach community data +7
Chrome Sync privacy is still very bad 7 months, 3 weeks ago | palant.info
article bad chrome firefox +3
Why browser extension games need access to all websites 10 months ago | palant.info
access browser browser extension browser extensions +12
Another cluster of potentially malicious Chrome extensions 10 months, 1 week ago | palant.info
ad blockers called chrome chrome extensions +11
Introducing PCVARK and their malicious ad blockers 10 months, 2 weeks ago | palant.info
adblock ad blocker ad blockers blocker +8
How malicious extensions hide running arbitrary code 10 months, 2 weeks ago | palant.info
article avast chrome chrome web store +11
More malicious extensions in Chrome Web Store 10 months, 2 weeks ago | palant.info
article chrome chrome web store code +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands
View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India
View on infosec-jobs.com
View more jobs