LastPass: Critical Flaws Found In Password Managers With Credential Risk

Researchers have detailed a series of quickly patched vulnerabilities in five popular password managers that could allow attackers to steal user credentials. "Critical" vulnerabilities were discovered and reported in LastPass, RoboForm, My1Login, PasswordBox and NeedMyPassword in work described by the University of California Berkeley researchers as a "wake-up call" for developers of web password vaults. "Our attacks are severe: in four out of the five password managers we studied, an attacker can learn a user

The link for this article located at The Register UK is no longer available.