Reto Scagnetti, Area Vice President Southern Europe & Switzerland DigiCert

ETH Zurich has demonstrated that the much-promoted promise of zero-knowledge encryption in password managers has significant gaps in practice.


Millions of users worldwide trust password managers with the most sensitive data of their digital lives: access credentials to bank accounts, corporate platforms, email inboxes. The providers of such services almost unanimously advertise with the promise of a so-called zero-knowledge architecture – the assurance that not even the operator itself has access to the stored data. Researchers at ETH Zurich have now systematically put this promise to the test for the first time. The result is sobering.

The team led by Prof. Dr. Kenneth G. Paterson from the Applied Cryptography Research Group examined the security architecture of three market-leading services: Bitwarden, LastPass, and Dashlane. The three platforms together have around 60 million users and account for a combined market share of about 23 percent. As part of the study, the researchers simulated a realistic attack scenario: a compromised server that behaves maliciously toward the clients and deliberately provides manipulated responses during login or synchronization.

Overall, the researchers demonstrated 25 specific attacks on the three platforms. The spectrum ranges from targeted integrity breaches of individual password vaults to the complete compromise of all organizational data. In most cases, it was possible not only to view stored passwords but also to change them. Particularly concerning is the low technical entry barrier: the attacks do not require any special computing power and can be triggered by everyday user interactions – such as opening the vault or simply displaying saved access data.

Trustworthiness cannot be promised, only proven.

Prof. Dr. Paterson draws clear conclusions for the entire industry from the results: If a server is compromised and there is no independent, cryptographically secure verification of the counterpart, even the best encryption of the stored data is of little use. For password manager providers, this presents the challenge of fundamentally improving their practices in authenticity and integrity checks.
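To make the point about integrity checks concrete, here is an added illustration (not code from the ETH study or from any of the examined products): a client that encrypts-then-MACs each vault entry with keys derived only on the client, and a compromised server that answers a sync request for one entry with the ciphertext of another. The entry ids, passwords and salt are constructed; the HMAC-based keystream stands in for a real cipher so the example runs on the standard library alone.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

def derive_keys(master_password: bytes, salt: bytes) -> Tuple[bytes, bytes]:
    """Client-only keys from the master password: one PBKDF2 run split in two."""
    km = hashlib.pbkdf2_hmac("sha256", master_password, salt, 600_000, dklen=64)
    return km[:32], km[32:]          # (encryption key, MAC key); the server never sees either

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC counter-mode keystream; a stand-in for a real cipher (stdlib only)."""
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(-(-n // 32))]
    return b"".join(blocks)[:n]

def seal_entry(enc_key: bytes, mac_key: bytes, entry_id: str, secret: bytes) -> dict:
    """Encrypt-then-MAC one vault entry; the tag also binds the entry id."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(secret, _keystream(enc_key, nonce, len(secret))))
    tag = hmac.new(mac_key, entry_id.encode() + nonce + ct, hashlib.sha256).digest()
    return {"id": entry_id, "nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}

def open_entry(enc_key: bytes, mac_key: bytes, rec: dict, verify: bool = True) -> Optional[bytes]:
    """Decrypt an entry received from the server; verify=False models a client that trusts it."""
    nonce, ct = bytes.fromhex(rec["nonce"]), bytes.fromhex(rec["ct"])
    if verify:
        expected = hmac.new(mac_key, rec["id"].encode() + nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, bytes.fromhex(rec["tag"])):
            return None              # integrity failure: refuse to use the entry
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def malicious_sync(vault: dict, victim_id: str, source_id: str) -> dict:
    """Compromised server: answer a sync for victim_id with another entry's ciphertext."""
    swapped = dict(vault[victim_id])
    swapped["nonce"], swapped["ct"] = vault[source_id]["nonce"], vault[source_id]["ct"]
    return swapped

def demo() -> Tuple[Optional[bytes], Optional[bytes]]:
    enc_key, mac_key = derive_keys(b"correct horse battery staple", b"constructed-salt")
    vault = {eid: seal_entry(enc_key, mac_key, eid, pw)
             for eid, pw in [("bank", b"hunter2"), ("forum", b"throwaway")]}
    tampered = malicious_sync(vault, "bank", "forum")
    trusting = open_entry(enc_key, mac_key, tampered, verify=False)  # accepts b"throwaway" as the bank password
    checking = open_entry(enc_key, mac_key, tampered)                # None: manipulation detected
    return trusting, checking

if __name__ == "__main__":
    print(demo())
```

The trusting client silently shows (and would re-save) the wrong secret under "bank"; the verifying client rejects the record because the tag was computed over the original id, nonce and ciphertext.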

Reto Scagnetti, Area Vice President Southern Europe & Switzerland at DigiCert, sees a structural problem in the results that goes beyond individual providers. For companies that manage hundreds or thousands of employees and need to protect their access credentials to business-critical systems, password-based approaches reach their systemic limits. No matter how well a password manager is implemented, at the beginning of the chain there is always a shared secret that can be guessed, intercepted, or compromised through social engineering.

Certificate-based identities as a solution

As a technological solution, Scagnetti points to cryptographic identities. Digital certificates cryptographically verify the identity of users, devices, and services without any password that could be shared. Authentication is carried out using asymmetric key pairs, where the private key never leaves the device. This approach not only removes the attack surface that password managers inherently bring, but also makes the central storage of sensitive access data unnecessary.

The ETH study ultimately makes visible what has been emerging in IT security for years: Passwords come from a time when digital systems were less interconnected and attacks were less targeted. For companies that want to seriously modernize their access security, there is hardly any alternative to certificate-based identities – even if the transition requires organizational investments.

By Jakob Jung

Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM. Contact via Mail: jakob.jung@security-storage-und-channel-germany.de
