WTF?! Cloud password managers have sold a simple promise for years: total security through "zero-knowledge encryption." But a new analysis from researchers at ETH Zurich shows that even the most respected products – Bitwarden, LastPass, and Dashlane – don't live up to that claim. Despite marketing that guarantees only users can access their passwords, the study found flaws that could allow compromised servers to expose or even alter sensitive data stored in supposedly sealed vaults.
The research, led by ETH Zurich's Applied Cryptography Group, tested core encryption systems in the three most widely used cloud password managers. Together, these services manage credentials for roughly 60 million users – an enormous share of the market.
Using what they describe as a "malicious server threat model," the researchers simulated hacked servers capable of behaving abnormally during client interactions such as logins or data syncs. The results were sobering: 12 successful attacks against Bitwarden, seven against LastPass, and six against Dashlane.
In many cases, the team achieved full access to passwords and account data, demonstrating how attackers could manipulate ordinary user actions to breach vaults.
Professor Kenneth Paterson, who heads the ETH Zurich group, said the vulnerabilities were more severe than expected. His team had uncovered similar issues in other cloud-based applications, but assumed password managers – given their role as digital safes for credential data – had developed stronger safeguards.
Instead, they found systems built around encryption architectures that gave servers too much influence over the decryption process.
According to doctoral student Matteo Scarlata, one reason for these architectural weaknesses lies in the tension between security and convenience. Password manager developers aim to keep user experience as smooth as possible, offering features such as account recovery and family sharing.
But those conveniences introduce complexity, which expands the attack surface. "Such attacks do not require particularly powerful computers or servers – just small programs capable of impersonating the server," Scarlata said.
Paterson's group gave the affected companies 90 days to patch the vulnerabilities before publicly disclosing their results. Most vendors responded cooperatively, though some were slow to address the underlying issues.
The researchers noted that developers are often reluctant to overhaul encryption systems out of fear that customers could lose access to their stored data – a risk particularly concerning for enterprise clients managing employee credentials across organizations. Many providers therefore continue relying on cryptographic frameworks dating back to the 1990s, long considered obsolete in academic circles.
The ETH team is now pushing for modernization. Scarlata recommends a hybrid transition model that would bring new customers onto updated architectures while allowing existing users to migrate voluntarily with full awareness of the risks. Future systems, the researchers argue, should default to modern end-to-end encryption and undergo consistent third-party auditing.
Despite serious flaws, the researchers emphasize that password managers remain valuable tools for managing the hundreds of credentials most users face. Paterson advises users to favor services that are open about their security limitations and subject to independent review. The ultimate goal, he said, isn't to discredit the technology but to force greater transparency and more robust design principles across the industry.
New study finds security gaps in Bitwarden, LastPass, and Dashlane