Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
#Vulnerabilities

Security Reporter
3 min read

A new study reveals critical vulnerabilities in Bitwarden, Dashlane, and LastPass that could allow malicious servers to recover passwords and compromise user vaults, affecting over 60 million users.

A comprehensive security study has uncovered 25 distinct password recovery attacks across major cloud-based password managers, revealing critical vulnerabilities that could allow malicious servers to compromise user vaults and recover passwords.

The research, conducted by ETH Zurich and Università della Svizzera italiana, examined three leading password management solutions: Bitwarden, Dashlane, and LastPass. The study found that these services, which collectively serve over 60 million users and nearly 125,000 businesses, are susceptible to various attack vectors that range from integrity violations to complete compromise of organizational vaults.

Understanding the Attack Vector

Researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson focused on the zero-knowledge encryption (ZKE) promises made by these password managers. ZKE is a cryptographic technique that allows one party to prove knowledge of a secret without revealing the secret itself; in the password-manager setting it is the promise that the vendor's server never learns the master password or the keys that protect the vault. This differs from end-to-end encryption, which primarily secures data in transit.

Breakdown of Discovered Attacks

The study identified four broad categories of attacks:

1. Key Escrow Account Recovery Exploits

These attacks target the account recovery mechanisms in Bitwarden and LastPass, exploiting vulnerabilities in their key escrow designs to compromise confidentiality guarantees.

2. Item-Level Encryption Flaws

Because these managers encrypt data items and sensitive user settings as separate objects and combine them with unencrypted or unauthenticated metadata, a malicious server can achieve integrity violations, metadata leakage, field swapping, and key derivation function (KDF) downgrade attacks.

3. Sharing Feature Exploits

Vulnerabilities in sharing features allow attackers to compromise vault integrity and confidentiality, potentially exposing shared passwords and sensitive information.

4. Legacy Code Compatibility Issues

Backwards compatibility with legacy code in Bitwarden and Dashlane creates opportunities for downgrade attacks, in which a malicious server can force clients back onto older, less secure encryption methods.
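The item-level encryption and downgrade categories above share one root cause: a ciphertext that is not cryptographically bound to the metadata describing where it belongs (item, field, KDF parameters) can be moved or reinterpreted by whoever stores it. The following Go program is an added illustration written for this article, not code from the study or from any of the vendors named; it uses a constructed two-item toy vault with a throwaway key and does not model any real product's data format. It encrypts each field separately with AES-GCM, lets the storage server swap two password ciphertexts, and shows that the swap is only detected when the item ID and field name are supplied as associated data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// EncryptedField is one ciphertext as the server stores it.
type EncryptedField struct {
	Nonce      []byte
	Ciphertext []byte // AES-GCM output with the 16-byte tag appended
}

// Item is a vault entry in the server's view: plaintext metadata plus
// separately encrypted fields (a constructed toy layout, not any vendor's format).
type Item struct {
	ID     string
	Name   string // unencrypted metadata
	Fields map[string]EncryptedField
}

// vaultKey turns a master password into a 256-bit key. A real client uses a
// slow KDF (Argon2, PBKDF2); a single SHA-256 is used here only for brevity.
func vaultKey(master string) []byte {
	sum := sha256.Sum256([]byte("vault-key|" + master))
	return sum[:]
}

func newAEAD(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead
}

// binding is the associated data that ties a ciphertext to its item and field.
// It is authenticated but not encrypted: the server can still read it (it is
// metadata) but can no longer move the ciphertext somewhere else unnoticed.
func binding(itemID, field string) []byte {
	return []byte(itemID + "\x00" + field)
}

func encryptField(aead cipher.AEAD, itemID, field, value string, bind bool) EncryptedField {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	var aad []byte
	if bind {
		aad = binding(itemID, field)
	}
	return EncryptedField{Nonce: nonce, Ciphertext: aead.Seal(nil, nonce, []byte(value), aad)}
}

func decryptField(aead cipher.AEAD, itemID, field string, ef EncryptedField, bind bool) (string, error) {
	var aad []byte
	if bind {
		aad = binding(itemID, field)
	}
	pt, err := aead.Open(nil, ef.Nonce, ef.Ciphertext, aad)
	if err != nil {
		return "", fmt.Errorf("item %q field %q: %w", itemID, field, err)
	}
	return string(pt), nil
}

// buildVault creates two constructed items, each with its own encrypted password field.
func buildVault(aead cipher.AEAD, bind bool) map[string]*Item {
	vault := map[string]*Item{}
	for _, it := range []struct{ id, name, password string }{
		{"item-bank", "Example Bank", "bank-pw-constructed"},
		{"item-mail", "Example Mail", "mail-pw-constructed"},
	} {
		vault[it.id] = &Item{ID: it.id, Name: it.name, Fields: map[string]EncryptedField{
			"password": encryptField(aead, it.id, "password", it.password, bind),
		}}
	}
	return vault
}

// serverSwapsField models the threat the article describes: the storage server
// exchanges one field's ciphertext between two items. It needs no key, because
// it only moves opaque blobs.
func serverSwapsField(vault map[string]*Item, a, b, field string) {
	vault[a].Fields[field], vault[b].Fields[field] = vault[b].Fields[field], vault[a].Fields[field]
}

// ReadBankPasswordAfterSwap runs the scenario and returns what the client sees
// for the bank item's password once the server has swapped it with the mail
// item's. Without binding the swap goes unnoticed; with binding the GCM tag
// fails to verify and the client gets an error instead of a wrong password.
func ReadBankPasswordAfterSwap(bind bool) (string, error) {
	aead := newAEAD(vaultKey("constructed-master-password"))
	vault := buildVault(aead, bind)
	serverSwapsField(vault, "item-bank", "item-mail", "password")
	return decryptField(aead, "item-bank", "password", vault["item-bank"].Fields["password"], bind)
}

func main() {
	for _, bind := range []bool{false, true} {
		pw, err := ReadBankPasswordAfterSwap(bind)
		fmt.Printf("bind metadata=%v: password=%q err=%v\n", bind, pw, err)
	}
}
```

The same associated-data slot is where a client would also bind the KDF parameters the server hands it, so that a lowered iteration count or a legacy cipher identifier cannot be substituted without the authentication check failing; checking the returned error rather than silently using the decrypted value is what turns a detected tamper into a refusal.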

Specific Vulnerability Counts

The research uncovered 12 distinct attacks against Bitwarden, seven against LastPass, and six against Dashlane. Additionally, 1Password was found vulnerable to both item-level vault encryption and sharing attacks, though the company considers these known architectural limitations.

Vendor Responses and Mitigations

Bitwarden

Bitwarden has addressed seven of the identified issues, with three remaining as intentional design decisions necessary for product functionality. The company is actively working on resolving the remaining vulnerabilities.

Dashlane

Dashlane has implemented a critical fix by removing support for legacy cryptography methods. The issue, in which a compromised server could expose a weak or easily guessable Master Password, was resolved in Dashlane Extension version 6.2544.1 released in November 2025.

LastPass

LastPass is actively working to add stronger integrity guarantees to better cryptographically bind items, fields, and metadata. The company also plans to harden its admin password reset and sharing workflows to counter malicious intermediary threats.

1Password

1Password's security team reviewed the research and found no new attack vectors beyond those already documented in its publicly available Security Design White Paper. The company emphasized its use of Secure Remote Password (SRP) to authenticate users without transmitting encryption keys to servers, helping mitigate server-side attacks.

No Evidence of Exploitation

Importantly, there is currently no evidence that any of these vulnerabilities have been exploited in the wild. The research represents a theoretical attack scenario in which the password manager's servers are compromised by malicious actors.

Implications for Enterprise Security

This research highlights the ongoing challenges in implementing truly secure password management solutions, even among established providers serving enterprise customers. Organizations relying on these services should review their security configurations and ensure they're using the latest versions with all security patches applied.

The findings underscore the importance of continuous security auditing and the need for password managers to evolve their cryptographic implementations to address emerging attack vectors while maintaining usability for their large user bases.

For users and organizations, this research serves as a reminder that even trusted security tools require ongoing vigilance and regular updates to maintain their protective capabilities against sophisticated threat actors.
