Forensically-sound analysis of security risks of using local password managers
Name:
(pre-print) Gray, Franqueira & ...
Size:
341.0Kb
Format:
PDF
Description:
pre-print version
Abstract
Password managers address the usability challenge of authentication, i.e., to manage the effort in creating, memorising, and entering complex passwords for an end-user. Offering features such as creating strong passwords, managing increasing number of complex passwords, and auto-filling of passwords for variable contexts, their security is as critical as the assets being protected by the passwords. Previous security risk analyses have focused primarily on cloud- and browser-based password managers, whilst the security risks of local password managers were left under-explored. Taking a systematic forensic analysis approach, this paper reports on a case study of three popular local password managers: KeePass (v2.28), Password Safe (v3.35.1) and RoboForm (v7.9.12). It revealed risks that either the master password or the content of the password database could be found unencrypted in Temp folders, Page files or Recycle bin, even after applications had been closed. As a consequence, an attacker or a malware with access to the computer on which the password managers were running may be able to steal sensitive information, even though these password managers are meant to keep the databases encrypted and protected at all times. These findings point to directions to mitigate the identified risks.Citation
Gray, Joshua; Franqueira, Virginia N. L. and Yu, Yijun (2016). Forensically-Sound Analysis of Security Risks of using Local Password Managers. In: 1st International Workshop on Requirements Engineering for Investigating and Countering Crime, 13 September 2016, Beijing, IEEE.Publisher
IEEE Computer SocietyDOI
10.1109/REW.2016.034Type
Meetings and ProceedingsLanguage
enISBN
9781509036943ae974a485f413a2113503eed53cd6c53
10.1109/REW.2016.034