Vulnerability in the Kaspersky Password Manager

2021-07-06 14:27

The password generator included in Kaspersky Password Manager had several problems.

All the passwords it created could be bruteforced in seconds.

This article explains how to securely generate passwords, why Kaspersky Password Manager failed, and how to exploit this flaw.

It also provides a proof of concept to test if your version is vulnerable.

Stupid programming mistake, or intentional backdoor? We don't know.

I also recommend my own password manager: Password Safe.

News URL

https://www.schneier.com/blog/archives/2021/07/vulnerability-in-the-kaspersky-password-manager.html

#kaspersky #passwordmanager #vulnerability

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Kaspersky		23	0	19	16	6	41