Hdl Handle:
http://hdl.handle.net/10545/620627
Title:
Forensically-sound analysis of security risks of using local password managers
Authors:
Gray, Joshua; Franqueira, Virginia N. L. (ORCID: 0000-0003-1332-9115); Yu, Yijun (ORCID: 0000-0002-7154-8570)
Abstract:
Password managers address the usability challenge of authentication, i.e., managing the effort of creating, memorising, and entering complex passwords for an end-user. Offering features such as creating strong passwords, managing an increasing number of complex passwords, and auto-filling passwords in varying contexts, their security is as critical as the assets protected by those passwords. Previous security risk analyses have focused primarily on cloud- and browser-based password managers, whilst the security risks of local password managers were left under-explored. Taking a systematic forensic analysis approach, this paper reports on a case study of three popular local password managers: KeePass (v2.28), Password Safe (v3.35.1) and RoboForm (v7.9.12). It revealed risks that either the master password or the content of the password database could be found unencrypted in Temp folders, page files or the Recycle Bin, even after the applications had been closed. As a consequence, an attacker or malware with access to the computer on which the password managers were running may be able to steal sensitive information, even though these password managers are meant to keep their databases encrypted and protected at all times. These findings point to directions for mitigating the identified risks.
Affiliation:
University of Derby; The Open University
Citation:
Gray, Joshua; Franqueira, Virginia N. L. and Yu, Yijun (2016). Forensically-Sound Analysis of Security Risks of using Local Password Managers. In: 1st International Workshop on Requirements Engineering for Investigating and Countering Crime, 13 September 2016, Beijing, IEEE.
Publisher:
IEEE Computer Society
Issue Date:
12-Sep-2016
URI:
http://hdl.handle.net/10545/620627
DOI:
10.1109/REW.2016.034
Additional Links:
http://ieeexplore.ieee.org/document/7815617/; http://irenic.lero.ie/programme.html
Type:
Meetings and Proceedings
Language:
en
ISBN:
9781509036943
Sponsors:
HEFCE Police Knowledge Fund; EC (European Commission): FP (inc. Horizon2020 & ERC schemes) Adaptive Security And Privacy (XC-11-004-BN), Project ID: 291652
Appears in Collections:
Department of Electronics, Computing & Maths

Full metadata record

DC Field | Value | Language
dc.contributor.author | Gray, Joshua | en
dc.contributor.author | Franqueira, Virginia N. L. | en
dc.contributor.author | Yu, Yijun | en
dc.date.accessioned | 2016-10-17T15:49:26Z | -
dc.date.available | 2016-10-17T15:49:26Z | -
dc.date.issued | 2016-09-12 | -
dc.identifier.citation | (citation as given above) | en
dc.identifier.isbn | 9781509036943 | -
dc.identifier.doi | 10.1109/REW.2016.034 | -
dc.identifier.uri | http://hdl.handle.net/10545/620627 | -
dc.description.abstract | (abstract as given above) | en
dc.description.sponsorship | HEFCE Police Knowledge Fund; EC (European Commission): FP (inc. Horizon2020 & ERC schemes) Adaptive Security And Privacy (XC-11-004-BN), Project ID: 291652 | en
dc.language.iso | en | en
dc.publisher | IEEE Computer Society | en
dc.relation.url | http://ieeexplore.ieee.org/document/7815617/ | en
dc.relation.url | http://irenic.lero.ie/programme.html | en
dc.subject | Password managers | en
dc.subject | Authentication | en
dc.subject | Security risk | en
dc.subject | Digital forensics | en
dc.title | Forensically-sound analysis of security risks of using local password managers | en
dc.type | Meetings and Proceedings | en
dc.contributor.department | University of Derby | en
dc.contributor.department | The Open University | en
dc.right.copyright | © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | en