Kommentieren Mar 20 2017
Sind Passwordmanager wirklich die Lösung für all unsere Passwortprobleme?
There are different policies for the generation of secure passwords. However, one of the biggest challenges is to memorize all these complex passwords. Password manager applications are a promising way of storing all sensitive passwords cryptographically secure. Accessing these passwords is only possible if the user enters a secret master password. At first sight, the requirements for a password manager application seem simple: Storing the passwords of a user centralized in a secure and confidential way. However, how is the reality on mobile, password manger applications, especially on Android? Applications vendors advertise their password manager applications as “bank-level” or “military-grade” secure. However, can users be sure that their secrets are actually stored securely? Despite the vendors’ claims, is it nevertheless possible to obtain access to the stored credentials?
Selbst wenn nun die gefundenen Probleme behoben sind, sind Passwordmanager immer noch ein Honeypot und anlaufstelle für die die nach Passwörtern suchen.