Your passwords are in danger if you have used this password manager

Using a password manager is a good way to protect passwords. It stores them, generates them correctly and saves you from having to memorize them, which gives you the freedom to use really strong passwords. The problem is that vulnerabilities sometimes arise and cause those passwords to be exposed. This is what has happened with Bitwarden, which is one of the most popular password managers.

A bug allows Bitwarden passwords to be stolen

If you have used Bitwarden to store your passwords, be careful because they could have been stolen. Specifically, hackers have been able to use iframes to steal passwords. They have been able to exploit autocomplete so that malicious iframes on trusted websites steal user credentials.

This is not recent news; what is new is that a group of Flashpoint security researchers has indicated that legitimate web pages that use iframes still exist and can be exploited by hackers.

But what exactly is this feature? When you visit a website, for example a page to buy a product, you enter your details and passwords. The Bitwarden extension stores them so you don't have to type them again next time. Basically, it remembers them and saves you time when you log in again. Google's password manager has the same feature, for example.

The problem is that, while analyzing Bitwarden, the Flashpoint researchers found that the extension also autocompletes forms defined in embedded iframes, including iframes from external domains. A malicious iframe can wait for the victim's data to be entered and forward it to a remote server controlled by the attackers.

But they detected a second problem. While investigating, they found that Bitwarden will also autofill credentials on subdomains of the base domain that match a login. This allows an attacker hosting a phishing website under a subdomain that matches a stored login to capture the credentials when the victim visits that site.
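To make the two problems concrete, here is an added example (not Bitwarden's code and not part of the original article) that compares a simplified model of the behaviour described above with a stricter fill policy. The function names, the two-label base-domain shortcut and all URLs are assumptions made for illustration.

```javascript
// Added example: hypothetical autofill policy; all URLs are constructed.

// Simplification: the last two labels stand in for the base domain.
// Real code needs the Public Suffix List (e.g. for names under co.uk).
function baseDomain(host) {
  return host.split('.').slice(-2).join('.');
}

// Model of the behaviour described in the article: the decision looks only
// at the top-level page, matches on base domain, and ignores which frame
// actually holds the form.
function permissiveShouldFill(savedUri, topUrl, frameUrl) {
  const saved = new URL(savedUri);
  const top = new URL(topUrl);
  return baseDomain(saved.hostname) === baseDomain(top.hostname);
}

// Stricter policy: the frame holding the form must be HTTPS, same-origin
// with the top-level page, and on exactly the host the login was saved for.
function strictShouldFill(savedUri, topUrl, frameUrl) {
  const saved = new URL(savedUri);
  const top = new URL(topUrl);
  const frame = new URL(frameUrl);
  if (frame.protocol !== 'https:') return false;
  if (frame.origin !== top.origin) return false; // cross-origin iframe
  return frame.host === saved.host;              // no subdomain matching
}

const SAVED = 'https://shop.example.com/login';
const CASES = [
  { name: 'login page itself', top: SAVED, frame: SAVED },
  { name: 'third-party iframe on trusted page',
    top: 'https://shop.example.com/checkout',
    frame: 'https://widgets.thirdparty.test/form' },
  { name: 'sibling subdomain', top: 'https://promo.example.com/login',
    frame: 'https://promo.example.com/login' },
  { name: 'unrelated site', top: 'https://example.org/login',
    frame: 'https://example.org/login' },
];

function evaluate() {
  return CASES.map((c) => ({
    name: c.name,
    permissive: permissiveShouldFill(SAVED, c.top, c.frame),
    strict: strictShouldFill(SAVED, c.top, c.frame),
  }));
}
console.table(evaluate());
```

The two middle rows are the cases the researchers describe: the permissive model fills in both, the stricter policy fills in neither.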

How to avoid problems

Bitwarden has indicated that the autocomplete function is a potential risk and that it warns users about it. Compromised websites can abuse this feature. Our advice is that, if you have used this password manager with the auto-completion function enabled, you review your passwords carefully and change them to avoid problems.

You can always check if a password has been stolen and take action as soon as possible. However, our advice is always to update your passwords periodically. This is the best way to guard against vulnerabilities that may appear, not only in password managers but in any platform you use online.

Also, it's a good idea to enable two-factor authentication on all platforms where it's available. It's an extra security barrier that you can use to prevent attackers from breaking into your accounts even if they manage to steal the password. They will always need a second step. Using offline password managers is also a good idea to avoid external problems.

In short, as you can see, there has been a new problem that affects an important password manager such as Bitwarden. Taking precautions and acting correctly when problems arise is key to properly protecting accounts.