HT TECH wants to start sending you push notifications. Click allow to subscribe

This Password Manager just put users in a fix; you may need to take this action

The Password Manager was generating weak passwords putting you at risk; so, if you have been using it, you might want to change some of your passwords.

By: HT TECH
Updated on: Jul 08 2021, 09:53 IST
It might be time to change some of your older Kaspersky Password Manager entries.  (Pixabay)

A recent report has revealed that Kaspersky Password Manager was using an insecure method of generating passwords for many years that could be bruteforced by hackers in just a few minutes. Some of the people who were using its services now need to change their passwords.

Passwords should ideally be easy to remember while being difficult for a computer to guess, but in practice, most people use passwords that are difficult to remember and easy for computers to guess. Therefore, experts recommend the use of password management software like LastPass, 1Password, Bitwarden and Kaspersky Password Manager, which are solutions that can generate and store secure passwords so users only have to remember one secure password to stay safe on the web. Those who used the Kaspersky Password Manager, may have been put at risk. By the way, Kaspersky has finally, resolved the issue.

You may be interested in

Mobiles Tablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
₹148,900₹159,900
Buy now
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
₹107,999₹149,999
Buy now
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
₹106,998
Check details
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
₹87,900
Check details
21% OFF
Acer Swift Go SFG14 41 NX KG3SI 002 Laptop
  • Pure Silver
  • 8 GB RAM
  • 512 GB SSD
₹58,999₹74,999
Buy now
39% OFF
Acer Aspire 5 A515 57G Laptop
  • Gray
  • 16 GB RAM
  • 512 GB SSD
₹54,949₹89,999
Buy now
22% OFF
Acer Aspire 3 A315 24 NX KDESI 004 Laptop
  • Silver
  • 8 GB RAM
  • 512 GB SSD
₹33,499₹42,999
Buy now
40% OFF
Asus VivoBook 15 X515JA BQ322WS Laptop
  • Transparent Silver
  • 8 GB RAM
  • 512 GB SSD
₹31,350₹51,990
Buy now
34% OFF
Xiaomi Pad 6
  • Mist Blue
  • 6 GB RAM
  • 128 GB Storage
₹26,299₹39,999
Buy now
55% OFF
Lenovo Tab M10 5G
  • Abyss Blue
  • 6 GB RAM
  • 128 GB Storage
₹20,999₹47,000
Buy now
32% OFF
Realme Pad 2
  • Imagination Grey
  • 6 GB RAM
  • 128 GB Storage
₹19,749₹28,999
Buy now
Honor Pad X9
  • Gray
  • 4 GB RAM
  • 128 GB Storage
₹14,999
Check details

What was the Kaspersky Password Manager flaw?

Also read: Looking for a smartphone? To check mobile finder click here.

A researcher who responsibly disclosed the flaw to Kaspersky to allow them to fix the issue explained that there were two flaws in the password management solution, as ZDNet reports. Password managers use a random number generator to create secure passwords, but Kaspersky was reportedly using the system time as a ‘seed’.

"It means every instance of Kaspersky Password Manager in the world will generate the exact same password at a given second," said Jean-Baptiste Bédrune, head of security at Ledger Donjon. "The consequences are obviously bad: every password could be bruteforced. For example, there are 315619200 seconds between 2010 and 2021, so KPM could generate at most 315619200 passwords for a given charset. Bruteforcing them takes a few minutes." he added.

Also read: Looking for a smartphone? Check Mobile Finder here.

Bédrune also discovered a second flaw that the company probably created to defeat dictionary attacks – a technique used by hackers who systematically enter every word in a dictionary in order to find a password, according to the report. Kaspersky would use uncommon letter groupings like zr or qz to make passwords. The obvious downside to using this system was that a hacker who knows their target is using Kaspersky Password manager could break into the system much faster by trying these letter combinations.

What you need to do now

If you created an account with Kaspersky Password Manager after October 2019, you should be protected from the security flaw that enabled the generation of less secure passwords. If you’ve been a user for longer, some of your passwords generated during or before 2019 may need to be regenerated. The service should notify you about these passwords, which should make the process easier.

Here’s what Kaspersky had to say

The researcher informed Kaspersky of the issue in June 2019 and the company worked on a fix that was issued four months later in October. A year later, the company notified its users that they would need to change some passwords. The company finally released an advisory in April 2021, detailing which versions of its software were impacted by the issue. "All public versions of Kaspersky Password Manager liable to this issue now have a new logic of password generation and a passwords update alert for cases when a generated password is probably not strong enough," Kaspersky said in the advisory.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on ,Twitter, Facebook, , and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 08 Jul, 09:53 IST

Sale

Mobiles Tablets Laptops
4% OFF
Samsung Galaxy S24 Ultra
  • Titanium Black
  • 12 GB RAM
  • 256 GB Storage
₹129,999₹134,999
Buy now
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
₹148,900₹159,900
Buy now
13% OFF
Xiaomi 14
  • Matte Black
  • 12 GB RAM
  • 512 GB Storage
₹69,999₹79,999
Buy now
11% OFF
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
₹79,800₹89,900
Buy now
57% OFF
Lenovo Tab M10 5G
  • Abyss Blue
  • 6 GB RAM
  • 128 GB Storage
₹19,999₹47,000
Buy now
38% OFF
Realme Pad 2
  • Imagination Grey
  • 6 GB RAM
  • 128 GB Storage
₹17,999₹28,999
Buy now
11% OFF
Samsung Galaxy Tab S9 5G 256GB
  • Graphite
  • 8 GB RAM
  • 256 GB Storage
₹83,999₹93,999
Buy now
38% OFF
realme Pad 2 WiFi
  • Imagination Grey
  • 6 GB RAM
  • 128 GB Storage
₹17,999₹28,999
Buy now
23% OFF
Infinix INBook X1 Neo XL22 Laptop Intel Celeron Quad Core 8 GB 256 GB SSD Windows 11
  • Blue
  • 4 GB RAM
  • 128 GB SSD
₹22,990₹29,990
Buy now
36% OFF
Infinix INBook X1 Pro Laptop
  • Black
  • 8 GB RAM
  • 256 GB SSD
₹44,990₹69,999
Buy now
29% OFF
Asus VivoBook 15 X515JA EJ522TS Laptop
  • Grey
  • 8 GB RAM
  • 512 GB SSD
₹44,689₹62,889
Buy now
34% OFF
Asus ROG Strix G17 G713QM K4215TS Laptop
  • Black
  • 16 GB RAM
  • 1 TB SSD
₹180,990₹272,990
Buy now
NEXT ARTICLE BEGINS