
Password-stealing “vulnerability” reported in KeePass – bug or feature?
2023-02-01 19:58

It's been a newsworthy few weeks for password managers - those handy utilities that help you come up with a different password for every website you use, and then to keep track of them all.

At the end of 2022, it was the turn of LastPass to be all over the news, when the company finally admitted that a breach it suffered back in August 2022 did indeed end up with customers' password vaults getting stolen from the cloud service where they were backed up.

I can surprisingly easily steal your plaintext passwords, either in bulk, for example by dumping the whole database as an unencrypted CSV file, or as you use them, for example by setting a "Program hook" that triggers every time you access a password from the database.

Interestingly, KeePass goes out of its way to stop your passwords from being sniffed out when you use them, including using tamper-protection techniques to defeat various anti-keylogger tricks, even when attempted by users who already have sysadmin powers.

The KeePass software also makes it surprisingly easy to capture plaintext password data, perhaps in ways you might consider "too easy", even for non-administrators.

If you're a standalone KeePass user, you can check for rogue Triggers like the "DNS Stealer" we created above by opening the KeePass app and perusing the Tools > Triggers window.
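The manual check above does not scale across a fleet, so here is an added example (not code from the article or from KeePass) that audits a KeePass configuration file for enabled triggers whose action parameters point at exports, executables or URLs. It assumes the element layout shown in the constructed sample, which is modelled on KeePass.config.xml but is this example's assumption, and the keyword list is a heuristic rather than anything KeePass defines.

```python
import xml.etree.ElementTree as ET

# Constructed sample config in the layout of KeePass.config.xml (element names
# are this example's assumption, not copied from the article): one routine
# trigger and one that writes a CSV export every time the database is opened.
SAMPLE_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<Configuration><Application><TriggerSystem>
  <Enabled>true</Enabled>
  <Triggers>
    <Trigger>
      <Name>Lock on idle</Name><Enabled>true</Enabled>
      <Actions><Action><Parameters><Parameter>0</Parameter></Parameters></Action></Actions>
    </Trigger>
    <Trigger>
      <Name>Sync</Name><Enabled>true</Enabled>
      <Actions><Action><Parameters>
        <Parameter>KeePass CSV (1.x)</Parameter>
        <Parameter>C:\\Users\\Public\\export.csv</Parameter>
      </Parameters></Action></Actions>
    </Trigger>
  </Triggers>
</TriggerSystem></Application></Configuration>
"""

# Heuristic: fragments that rarely belong in a legitimate trigger action but
# do show up in export-to-file and run-a-program style actions.
SUSPICIOUS = ("csv", ".exe", "cmd", "powershell", "http")


def audit_triggers(config_xml: str) -> list[dict]:
    """Return one record per <Trigger>: name, enabled flag, all action
    parameters, and the subset of parameters that matched SUSPICIOUS."""
    root = ET.fromstring(config_xml)
    findings = []
    for trig in root.iter("Trigger"):
        name = trig.findtext("Name", default="(unnamed)")
        enabled = trig.findtext("Enabled", default="true").strip().lower() == "true"
        params = [p.text or "" for p in trig.iter("Parameter")]
        hits = [p for p in params if any(s in p.lower() for s in SUSPICIOUS)]
        findings.append({"name": name, "enabled": enabled,
                         "params": params, "suspicious": hits})
    return findings


def suspicious_triggers(config_xml: str) -> list[str]:
    """Names of enabled triggers that deserve a human look in Tools > Triggers."""
    return [f["name"] for f in audit_triggers(config_xml)
            if f["enabled"] and f["suspicious"]]


if __name__ == "__main__":
    for f in audit_triggers(SAMPLE_CONFIG):
        flag = "REVIEW" if f["enabled"] and f["suspicious"] else "ok"
        print(f"[{flag}] {f['name']}: {f['suspicious'] or f['params']}")
```

Note that a trigger named "Sync" looks innocuous in the list; it is the action parameters, not the name, that give it away, which is why the audit reports those rather than the name alone.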


News URL

https://nakedsecurity.sophos.com/2023/02/01/password-stealing-vulnerability-reported-in-keypass-bug-or-feature/