Cybersecurity Analysis of Password Managers

We analyzed the most popular password managers in the market to determine their security vulnerabilities and flaws.

Learn More

Meet the Team

Lita Massengale

Zack Rasheed

Ruben Vazquez

Project Manager

Research

Caleb Fox

Katie Shirilla

Research

Overview

Over recent years, password managers have grown exponentially in popularity as a resource for businesses and consumers alike. Though the concept of centralized passwords is a dream to consumers, it is a hacker’s dream as well. With this capstone project we seek to uncover vulnerabilities in the top password managers on the market. We will be researching 1Password, Bitwarden, LastPass, Google Chrome, and Firefox for this project. We will then conduct a controlled exploit attack against one of the password managers to prove its vulnerabilities and analyze our results.

Testimonials

At a Glance

For more information regarding each submission, please visit each deliverable's page. Listed below are quick access links to each presentation we conducted.

Milestone 1 Presentation

Milestone 2 Presentation

Final Presentation

Our Findings:

Bitwarden Vulnerability: Unsuccessful

Brute force is not possible for bitwarden has mitigated risk by only allowing 5 attempts before lockout is enabled as well as allowing the user to use special characters within the simple passcode for desktop users. Even if bitwarden didn’t have a lockout feature a nine digit pin would have 10^9 = 1,000,000,000 different possibilities.

Clients

Affiliation:

CCSE

IT 4983 Section 01

Department Site

Contact