Privacy News Proton Pass Retains Passwords in Cleartext Form in Memory

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
806
The Proton Pass password manager follows the bad practice of keeping unencrypted usernames and passwords in the computer’s memory.
To make matters worse, this sensitive data is not wiped from the memory when the vault is locked post-login, making it susceptible to exfiltration by info-stealer malware or attackers with physical access to the target machine.
 
F

ForgottenSeer 103564

Hard to believe the good folks over at CERN and Proton AG would allow one of their applications to do something as such, but is a reminder of why i do not trust many password manager applications now days.
 

simmerskool

Level 30
Verified
Top Poster
Well-known
Apr 16, 2017
1,986
what's the current version and has Proton fixed this memory security faux pas (pardon my French)
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,386
  • Thanks
Reactions: simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top