At a glance: Researchers disclosed 27 attack paths affecting major cloud-based password managers, showing that an attacker who has compromised a provider’s cloud infrastructure can manipulate recovery workflows and client-side logic to recover stored passwords or alter vault contents, despite zero-knowledge encryption protections. Vendors have been notified and are implementing mitigations, but the findings highlight systemic risks if password-manager infrastructure is breached.
Threat summary
On February 16, a study was published revealing 27 attack paths affecting major password managers, ranging from targeted integrity violations to full compromise of all vaults associated with an organization. Most of the revealed attacks enable recovery of stored passwords. The findings were disclosed to the vendors, and remediation efforts are underway.
The research examines how cloud-based password managers, including Bitwarden, LastPass, and Dashlane, behave under a malicious server threat model, which tests whether zero-knowledge encryption would still protect users if the provider itself were compromised.
Although “zero-knowledge encryption” has no strict technical definition, it's widely understood to mean that the server storing encrypted vaults cannot learn anything about their contents, even if it behaves maliciously.
The study found that an attacker with control over a provider’s cloud infrastructure could manipulate password recovery workflows and client‑side logic to recover stored passwords or alter vault contents. Encryption remains intact, but the trust relationship between client and server becomes the point of failure.
A compromised server can feed crafted responses during recovery and configuration, enabling password extraction or vault manipulation because the client has no independent way to verify the integrity of the data it receives.
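To make the integrity point concrete, here is an added illustration (not code from the research or from any of the vendors named) of a minimal vault client that does not take server-supplied configuration on trust. The KDF parameters and the vault ciphertext are bound together by an HMAC whose key is derived from the master password, which a zero-knowledge server never holds; the client also enforces a local floor on the work factor before it derives anything. The field names, the floor value, the sample password and the vault bytes are all constructed for the example.

```python
import hashlib
import hmac
import json

# Added example (not from the research or any vendor's code): a vault client
# that authenticates the configuration and vault it receives from the server
# instead of trusting them. The integrity key is derived from the master
# password, so a malicious server cannot recompute the tag after tampering.

MIN_ITERATIONS = 100_000  # constructed local floor; enforced regardless of what the server sends
HELD_FIELDS = ("salt", "iterations", "vault")  # fields the client authenticates


def derive_keys(password: str, salt: bytes, iterations: int) -> tuple[bytes, bytes]:
    """Stretch the master password into an encryption key and a separate integrity key."""
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=64)
    return stretched[:32], stretched[32:]


def _canonical(config: dict) -> bytes:
    """Canonical byte encoding of the authenticated fields, so the tag is unambiguous."""
    held = {k: config[k] for k in HELD_FIELDS}
    return json.dumps(held, sort_keys=True, separators=(",", ":")).encode()


def seal_config(password: str, config: dict) -> dict:
    """Client side, before upload: attach an integrity tag the server cannot forge."""
    _, mac_key = derive_keys(password, bytes.fromhex(config["salt"]), config["iterations"])
    tag = hmac.new(mac_key, _canonical(config), hashlib.sha256).hexdigest()
    return {**config, "tag": tag}


def verify_config(password: str, served: dict, min_iterations: int = MIN_ITERATIONS) -> tuple[bool, str]:
    """Client side, on download: refuse anything that fails local policy or the integrity tag."""
    if any(k not in served for k in (*HELD_FIELDS, "tag")):
        return False, "missing field"
    if served["iterations"] < min_iterations:
        # A downgraded work factor is refused before any key derivation happens.
        return False, "kdf parameters below local floor"
    _, mac_key = derive_keys(password, bytes.fromhex(served["salt"]), served["iterations"])
    expected = hmac.new(mac_key, _canonical(served), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, served["tag"]):
        # Any change to the salt, the iteration count or the vault bytes lands here,
        # because the served parameters no longer reproduce the key that made the tag.
        return False, "integrity tag mismatch"
    return True, "ok"


def demo() -> dict:
    """Run honest and tampered server responses through the check; returns the verdicts."""
    password = "correct horse battery staple"  # constructed
    honest = seal_config(password, {"salt": "00" * 16, "iterations": 120_000, "vault": "deadbeef"})
    downgraded = {**honest, "iterations": 1_000}       # server lowers the work factor below policy
    retuned = {**honest, "iterations": 110_000}        # server changes parameters but stays above the floor
    swapped_vault = {**honest, "vault": "feedface"}    # server substitutes the vault contents
    return {
        "honest": verify_config(password, honest),
        "downgraded": verify_config(password, downgraded),
        "retuned": verify_config(password, retuned),
        "swapped_vault": verify_config(password, swapped_vault),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

Two caveats a practitioner will want: the tag only protects a configuration the client has already sealed, so the very first enrollment still trusts what it is shown, and a tag on its own does not stop a server from serving an older, validly tagged copy of the vault. Adding a monotonically increasing version number to the authenticated fields and having the client remember the last version it saw is the usual way to catch that rollback.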
Bitwarden, LastPass, and Dashlane have implemented or are working on remediation. 1Password responded that the issues identified reflected previously documented architectural limitations rather than new vulnerabilities, noting that their design keeps the Secret Key on the client, uses Secure Remote Password to avoid exposing password-derived data, and that the research did not demonstrate any bypass of these protections.
Analysis & mitigation
Password managers remain essential security tools, but this research shows that their protection depends heavily on how well each vendor’s architecture holds up when the server itself can’t be trusted.
The research underscores that password managers, despite their benefits, centralize access in ways that create systemic risk if the provider’s infrastructure is breached. Identity systems remain high-value targets because they aggregate privileged credentials, and the study shows how zero-knowledge protections can be weakened by design choices even when encryption is sound.
Although these attacks require significant prior access, a breach of this nature would have far-reaching consequences because password managers often store the keys to multiple systems.
Mitigations focus on limiting what an attacker could do if a provider’s infrastructure were ever compromised. Enforcing multi-factor authentication, restricting browser-extension use for privileged accounts, and moving high-value credentials to hardware-backed authentication could all reduce exposure.
Keeping password-manager access segmented and tied to monitored workstations helps contain misuse, while monitoring for unusual recovery events or vault changes provides early detection.
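As an added example of the early-detection idea (not tooling from the research or from any vendor), the following detector runs over a few constructed password-manager audit events and raises two kinds of alert: a sensitive action (export, item change, KDF settings change) shortly after an account recovery, and a burst of recovery attempts across several users of one organization. The event names, fields, timestamps and thresholds are all assumptions for the illustration; map them to whatever your vendor's audit log actually emits.

```python
import json
from datetime import datetime, timedelta

# Added example: detection logic over constructed audit events. Event and
# field names are assumptions, not any vendor's real schema.

SAMPLE_LOG = """\
{"ts":"2024-05-01T08:00:00Z","user":"alice","event":"login","src":"10.0.0.5"}
{"ts":"2024-05-01T08:05:00Z","user":"alice","event":"vault.item.updated","src":"10.0.0.5"}
{"ts":"2024-05-01T23:10:00Z","user":"bob","event":"recovery.initiated","src":"203.0.113.9"}
{"ts":"2024-05-01T23:12:00Z","user":"bob","event":"recovery.completed","src":"203.0.113.9"}
{"ts":"2024-05-01T23:14:00Z","user":"bob","event":"vault.exported","src":"203.0.113.9"}
{"ts":"2024-05-02T02:00:00Z","user":"carol","event":"recovery.initiated","src":"203.0.113.9"}
{"ts":"2024-05-02T02:03:00Z","user":"dave","event":"recovery.initiated","src":"203.0.113.9"}
{"ts":"2024-05-02T02:05:00Z","user":"erin","event":"recovery.initiated","src":"203.0.113.9"}
"""

RECOVERY_FOLLOWUP_WINDOW = timedelta(minutes=30)  # constructed threshold
ORG_RECOVERY_BURST_USERS = 3                      # constructed threshold
ORG_RECOVERY_BURST_WINDOW = timedelta(hours=1)    # constructed threshold
SENSITIVE_AFTER_RECOVERY = {"vault.exported", "vault.item.updated", "kdf.settings.changed"}


def parse_events(text: str) -> list[dict]:
    """Parse JSON-lines audit records and return them in time order."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
        events.append(rec)
    return sorted(events, key=lambda e: e["ts"])


def detect(events: list[dict]) -> list[tuple]:
    """Return alerts as tuples whose first element names the rule that fired."""
    alerts = []
    last_recovery = {}    # user -> time of the most recent completed recovery
    recovery_starts = []  # (time, user) of every recovery initiation seen so far
    burst_reported = set()

    for e in events:
        if e["event"] == "recovery.initiated":
            recovery_starts.append((e["ts"], e["user"]))
            cutoff = e["ts"] - ORG_RECOVERY_BURST_WINDOW
            recent_users = frozenset(u for t, u in recovery_starts if t >= cutoff)
            # Several distinct users recovering in one window is unusual for an org
            # and is the shape a compromised recovery workflow would produce.
            if len(recent_users) >= ORG_RECOVERY_BURST_USERS and recent_users not in burst_reported:
                burst_reported.add(recent_users)
                alerts.append(("recovery_burst", e["ts"], sorted(recent_users)))
        elif e["event"] == "recovery.completed":
            last_recovery[e["user"]] = e["ts"]
        elif e["event"] in SENSITIVE_AFTER_RECOVERY:
            # A fresh recovery followed quickly by an export or vault change
            # deserves a look even when each step is individually legitimate.
            t = last_recovery.get(e["user"])
            if t is not None and e["ts"] - t <= RECOVERY_FOLLOWUP_WINDOW:
                alerts.append(("sensitive_action_after_recovery", e["ts"], e["user"], e["event"]))
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_events(SAMPLE_LOG)):
        print(alert)
```

Alice's routine item update produces nothing because no recovery preceded it; Bob's export two minutes after a completed recovery and the three recoveries from Carol, Dave and Erin inside one hour each raise one alert. In practice the source address and device fingerprint on the recovery event are worth folding into the same rules, and the thresholds should be tuned against a baseline of the organization's normal recovery rate.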
Storing only necessary credentials in cloud-based vaults and placing the most sensitive secrets in offline or hardware-secured storage further reduces risk, and staying current with vendor updates ensures new protections are applied consistently.