The Malwarebytes post is based on research from February 16:

ETH Zurich: Password managers less secure than promised https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html

Malwarebytes (sales pitch included): Password managers keep your passwords safe, unless… https://www.malwarebytes.com/blog/news/2026/02/password-managers-keep-your-passwords-safe-unless #infosec #passwordmanagers

I never liked the idea of using cloud-based password managers. There are news stories all the time about some type of data breach. Each additional person having their passwords on a server makes the payout incrementally more attractive, more valuable.

https://arstechnica.com/security/2026/02/password-managers-promise-that-they-cant-see-your-vaults-isnt-always-true/ #Security #PasswordManagers #Tech

Password managers less secure than promised

https://ethz.ch/en/news-and-events/eth-news/news/2026/02/password-managers-less-secure-than-promised.html

#HackerNews #PasswordManagers #SecurityConcerns #CyberSecurity #DataPrivacy #TechNews

Password managers
I’ve tried several password managers and Bitwarden still stands out. It stores payment cards, identity, SSH keys and more. It's hosted un EU and open source! The best part: a strong master password protects everything, while you can use a simple PIN for daily access. It has a Linux app, Firefox extension, Android app and more. #PasswordManagers #Bitwarden #Security #OpenSource #EUservice

And this puts me one step closer to migrating my cloud vault in-house...

Password managers' promise that they can't see your vaults isn't always true

https://arstechnica.com/security/2026/02/password-managers-promise-that-they-cant-see-your-vaults-isnt-always-true/

#PasswordManagers #ZeroKnowledge #Security #Privacy #Vulnerabilities #Tech

https://winbuzzer.com/2026/02/19/microsoft-edge-145-password-manager-security-fixes-xcxwbn/

Edge 145 Rolls Out with Password Upgrades and Security Patches

#Edge145 #MicrosoftEdge #Microsoft #WebBrowsers #PasswordManagers #SecurityVulnerabilities #BrowserExtensions #PDF #ReadAloud #Chromium

this concludes my reading of https://eprint.iacr.org/2026/058

what a paper. warmly recommended to read.

#crypto #passwordmanagers #bitwarden #lastpass #dashlane

14/n

Ars Technica: Password managers’ promise that they can’t see your vaults isn’t always true. “The researchers reverse-engineered or closely analyzed Bitwarden, Dashlane, and LastPass and identified ways that someone with control over the server—either administrative or the result of a compromise—can, in fact, steal data and, in some cases, entire vaults. The researchers also devised […]

Password managers' promise that they can't see your vaults isn't always true https://arstechni.ca/M3dw #endtoendencryption #passwordmanagers #zeroknowledge #Features #Security #Biz&IT

Password managers’ promise that they can’t see your vaults isn’t always true
Password managers’ promise that they can’t see your vaults isn’t always true
#Passwordmanagers

https://opr.news/2ad7d727260217en_us?link=1&client=ex_global

Download Now
https://opr.as/share

25 recovery-based attack vectors found in major password managers.

Bitwarden, LastPass, Dashlane & 1Password affected.

Worst case: full vault compromise via crypto & recovery flaws.
https://www.technadu.com/major-cloud-password-managers-vulnerable-to-recovery-attacks-bitwarden-lastpass-and-dashlane/620369/

#PasswordManagers #Crypto #InfoSec #CloudSecurity

Exactly what I came here to say @joernsmock. Long strings of random characters are no harder for computers to guess than equally long strings made up of dictionary words. Epecially obscure or non-English words.

Claiming they are is a sales pitch for password managers vendors, not a security fact. Current passphrase advice reflects that XKCD comic, and suggests passphrases be long, memorable, and changed as infrequently as possible.

#PasswordManagers #passphrases

Besides #ProtonPass what other #PasswordManagers are good ?

#AskFedi #AskMastodon

2FA only works if the factors are separate.

If your password manager holds both your passwords AND your 2FA seeds/backup codes, your "second factor" is not really separate anymore.

What I changed (and a checklist):
https://marcelbootsman.nl/two-factor-authentication-only-works-if-the-factors-are-separate/

#2FA #Security #PasswordManagers

Unlike some password managers that overwhelm users with features, Proton Pass keeps things straightforward, making it easy to manage your passwords without a steep learning curve.

Read more 👉 https://lttr.ai/AnH5M

#Free #Cybersecurity #PasswordManagers

I’ve published a new article looking at how hardware security keys work with Proton Pass, including YubiKey support.

It covers:
• what security keys actually protect against
• how they fit into Proton Pass
• when they’re worth using (and when they’re not)

If you’re thinking about stronger account security without adding unnecessary friction, this may help.

🔗 https://paulobrien.com/proton-pass-yubikey-security-keys/

#EmailSecurity #AccountSecurity #PrivacyTools #PasswordManagers #Proton #YubiKey #DigitalSecurity #Infosec

7 Tips & Hacks for Ultimate Password Manager Security

https://apertatube.net/w/sqvNig6Z5McMLtqNE1Y4HZ

8 Of The Best #PasswordManagers That Users Swear By

https://www.bgr.com/2042928/best-password-managers-according-users/