Security Evaluation of Password Managers: A Comparative Analysis and Penetration Testing of Existing Solutions
Guardado en:
| Publicado en: | International Conference on Cyber Warfare and Security (Mar 2025), p. 105 |
|---|---|
| Autor principal: | |
| Otros Autores: | , |
| Publicado: |
Academic Conferences International Limited
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text Full Text - PDF |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3202190692 | ||
| 003 | UK-CbPIL | ||
| 035 | |a 3202190692 | ||
| 045 | 2 | |b d20250301 |b d20250331 | |
| 084 | |a 142229 |2 nlm | ||
| 100 | 1 | |a Gallus, Petr |u University of Defence, Brno, Czech Republic | |
| 245 | 1 | |a Security Evaluation of Password Managers: A Comparative Analysis and Penetration Testing of Existing Solutions | |
| 260 | |b Academic Conferences International Limited |c Mar 2025 | ||
| 513 | |a Conference Proceedings | ||
| 520 | 3 | |a In both personal and organizational contexts, password managers have become indispensable tools for the protection and management of sensitive digital information. With the growing reliance on online services, the security of password storage solutions is paramount to defending against data breaches, unauthorized access, and other forms of cyberattacks. This paper presents a detailed analysis of password managers over the last two decades, focusing on the evolution of security mechanisms and strategies for safeguarding master passwords, encryption methodologies, and backup procedures. By tracing the historical development of these tools, significant advancements in securing user credentials are highlighted. A thorough evaluation of the most widely used password managers, such as LastPass, 1Password, Bitwarden, or Dashlane, is conducted, with attention to their adherence to modern security standards, including encryption algorithms (e.g., AES-256), zero-knowledge architecture, and multi-factor authentication. The comparative analysis identifies both the strengths and weaknesses of these solutions, particularly in how effectively they defend against common attack vectors such as brute-force attacks, phishing, and malware. In the practical section, a structured penetration testing framework is introduced to assess the resilience of selected password managers under various real-world attack scenarios. This framework is intended not only to evaluate the current robustness of these tools but also to offer insight into potential vulnerabilities that may not yet be widely recognized. While the discovery of significant new security flaws is not anticipated, this evaluation serves as a validation of the security models employed by these products. The findings are expected to contribute to the ongoing development of more secure password management solutions, offering practical recommendations for developers, security professionals, and end-users. The paper concludes with a forward-looking discussion on how emerging cybersecurity trends, such as biometrics, decentralized security models, and quantum computing, may shape the future of password management tools. | |
| 653 | |a Encryption | ||
| 653 | |a Standards | ||
| 653 | |a Data integrity | ||
| 653 | |a Quantum computing | ||
| 653 | |a Usability | ||
| 653 | |a Managers | ||
| 653 | |a Security management | ||
| 653 | |a Biometrics | ||
| 653 | |a Passwords | ||
| 653 | |a Knowledge | ||
| 653 | |a Cybersecurity | ||
| 653 | |a Knowledge management | ||
| 653 | |a Algorithms | ||
| 653 | |a Malware | ||
| 653 | |a Compliance | ||
| 653 | |a Cybercrime | ||
| 653 | |a Comparative analysis | ||
| 653 | |a Historical development | ||
| 653 | |a Management | ||
| 653 | |a Decentralization | ||
| 653 | |a Robustness | ||
| 653 | |a Evaluation | ||
| 653 | |a Security | ||
| 653 | |a Resilience | ||
| 653 | |a Data encryption | ||
| 653 | |a Storage | ||
| 653 | |a Credentials | ||
| 653 | |a Cryptography | ||
| 653 | |a Penetration | ||
| 653 | |a Unauthorized | ||
| 700 | 1 | |a Stanék, Dominik | |
| 700 | 1 | |a Klaban, Ivo | |
| 773 | 0 | |t International Conference on Cyber Warfare and Security |g (Mar 2025), p. 105 | |
| 786 | 0 | |d ProQuest |t Political Science Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3202190692/abstract/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/3202190692/fulltext/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3202190692/fulltextPDF/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |