arstechnica.com 2/17/2026, 8:55:23 PM · via preferred

Password managers' promise that they can't see your vaults isn't always true

CyberSIXT Evidence Panel
Threat actor: malicious server administrator, or an attacker with server access (e.g., server compromise, superadmin misuse)

According to researchers at ETH Zurich and USI Lugano, many users assume a zero-knowledge password manager cannot be compromised, but new research shows that several attack paths exist once account recovery is enabled or vaults are shared or grouped. The paper examined Bitwarden, Dashlane, and LastPass, together used by roughly 60 million people, and found ways a server administrator, or an attacker who has gained control of the server, can read or even steal entire vaults and, in some cases, weaken the encryption down to plaintext.

The researchers highlight attacks that target key escrow, account recovery, and backward compatibility with older app versions, noting that in practice some of these scenarios allow vault contents to be read or modified. They also describe a vulnerability in LastPass in which a superadmin's RSA keys could be leveraged during login to exfiltrate data, and point to a potential weakness in 1Password in which a malicious or compromised server could supply dishonest public keys.
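As an added illustration (not code from the paper, Ars Technica, or any of the named products), the client-side check that blunts the dishonest-public-key scenario above: pin each recipient's key fingerprint on first use, and refuse to encrypt a shared vault item to a server-supplied key that no longer matches the pin or an out-of-band verified fingerprint. The keys, user ids, and fingerprints below are constructed stand-ins, not real key material.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed sample "public keys": opaque bytes standing in for real key material.
ALICE_KEY = b"alice-public-key-v1"
SERVER_SWAPPED_KEY = b"key-minted-by-a-dishonest-server"


def fingerprint(public_key: bytes) -> str:
    """Short fingerprint two users can compare out of band (voice call, in person)."""
    return hashlib.sha256(public_key).hexdigest()[:16]


class KeySubstitution(Exception):
    """Raised when the server returns a key the client has no reason to trust."""


@dataclass
class KeyPinStore:
    """Client-side cache of recipient fingerprints: trust on first use, or verified out of band."""
    pins: Dict[str, str] = field(default_factory=dict)

    def resolve(self, user_id: str, server_key: bytes, verified_fp: Optional[str] = None) -> bytes:
        fp = fingerprint(server_key)
        # An out-of-band fingerprint, when the user has one, beats anything the server says.
        if verified_fp is not None and fp != verified_fp:
            raise KeySubstitution(f"{user_id}: server key {fp} != verified fingerprint {verified_fp}")
        pinned = self.pins.get(user_id)
        if pinned is None:
            self.pins[user_id] = fp  # first contact: remember this key
        elif pinned != fp:
            # The directory changed the recipient's key under us; do not encrypt to it silently.
            raise KeySubstitution(f"{user_id}: server key {fp} differs from pinned {pinned}")
        return server_key


def share_item(store: KeyPinStore, user_id: str, server_key: bytes,
               verified_fp: Optional[str] = None) -> Optional[bytes]:
    """Return the key a shared vault item would be encrypted to, or None if the share is refused."""
    try:
        return store.resolve(user_id, server_key, verified_fp)
    except KeySubstitution:
        return None


def naive_share(server_key: bytes) -> bytes:
    """A client with no pinning encrypts to whatever key the server hands back."""
    return server_key
```

A pin mismatch should surface to the user as a hard stop, not a silent re-pin, since a legitimate key rotation and a server substitution look identical to the client.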

While many vendors emphasise "zero knowledge" in their marketing, the authors stress that the server's role in the client-server relationship can undermine these assurances, and note that several companies have since patched or mitigated some of the described flaws.


Article by CyberSIXT