That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers

Sean Oesch and Scott Ruoti

Abstract
Password managers have the potential to help users more effectively manage their passwords and address many of the concerns surrounding password-based authentication, however prior research has identified significant vulnerabilities in existing password managers. Since that time, five years has passed, leaving it unclear whether password managers remain vulnerable or whether they are now ready for broad adoption. To answer this question, we evaluate thirteen popular password managers and consider all three stages of the password manager lifecycle—password generation, storage, and autofill. Our evaluation is the first analysis of password generation in password managers, finding several non-random character distributions and identifying instances where generated passwords were vulnerable to online and offline guessing attacks. For password storage and autofill, we replicate past evaluations, demonstrating that while password managers have improved in the half-decade since those prior evaluations, there are still significant issues, particularly with browser-based password managers; these problems include unencrypted metadata, unsafe defaults, and vulnerabilities to clickjacking attacks. Based on our results, we identify password managers to avoid, provide recommendations on how to improve existing password managers, and identify areas of future research.

Reference
Sean Oesch and Scott Ruoti. 2020. That was then, this is now: A security evaluation of password generation, storage, and autofill in browser-based password managers. In Proceedings of the 30th USENIX Security Symposium. USENIX.

Downloads


Research Artifacts

We have made our research artifacts regarding password generation, storage, and autofill available to the community.

Generation

We used two methods to generate passwords for analysis. For Chrome and KeyPassX/C, we created executables to generate passwords. Those can be found here. For 1Password, Dashlane, LastPass, online password generator, and RoboForm, we scraped passwords from password generation websites. The scripts for scraping passwords can be found here. We do not actively update these scripts, so if the websites have been modified they will need to be updated accordingly. We also manually generated 100 passwords for Safari using the iCloud Keychain and these passwords can be found here.

Part of our analysis of the randomness of generated passwords involved the use of neural networks. We used the code provided by Melicher et al., which can be found at https://github.com/cupslab/neural_network_cracking. The configuration we used to run the neural nets can be found here here.

The password corpus we collected analyzed can be found here. Within this folder, you will also find analysis scripts we used to evaluate our password corpus. Results for the zxcvbn analysis of our data is also available.

Storage

As part of our analysis of storage, we performed a diff on the password valuts before and after changing the master password. These diffs can be found here.

Autofill

We created a suite of webpages to test various vulnerabilities and settings for autofill. These can be found here. These webpages were deployed to two separate heroku domains, with these domains replaced by <pre>testwebsite-1</pre> and </pre>testwebsite-2</pre>, respectively, in the code. To run the full suite of tests, it is necessary to generate appropriate certificates, both valid (server.key/server.cert) and invalid certificates (localhost.key/localhost.crt).

The final results of our analysis are here with notes from our analysis stored here.