German researchers have given the thumbs-down to nine widely popular password management apps on Android devices. Password vaults or management applications are widely promoted as the best way to juggle numerous complex passwords. Heck, we often tout the benefits of them. But the researchers argue that software fallibility found in each of the apps merely lulls unwary users into a false sense of security.
The app makers in question have all been notified and have moved swiftly to rectify the flaws; which included storing the master password in plaintext or using hard-coded crypto-keys in application code. Another common vulnerability was in-app internet browsing functions, which many apps offer but often present a serious gap in cyber defences.
Despite this negative review, users who maintain and update their password management apps conscientiously should be safe. So, for the time being, we’ll continue to push their use – until something better comes along. As the famous saying goes, “When the facts change, I change my mind”.