The fact is that KPM was created to generate 12-digit passwords by default, although it allowed users to personalize their passwords by changing settings, including password length, uppercase and lowercase letters, numbers, and special characters. Researchers at Ledger Donjon say that by striving to create passwords that are as different as possible from passwords generated by the people themselves, the application has become predictable. #Kaspersky password manager flaw bruteforced passwords generator#“The password generator in Kaspersky Password Manager had several problems. Most critical was that he used a pseudo-random number generator that was unusable for cryptographic purposes. The only source of entropy in it was the current system time, and all the passwords that it created could be found in a matter of seconds, ”the experts say. #Kaspersky password manager flaw bruteforced passwords update#Last year, the developers of Kaspersky Password Manager (KPM) asked users to update their passwords to stronger ones. Now the specialists of Ledger Donjon (the information security division of the Ledger company, which develops crypto wallets), talked about why this happened, and what problems they discovered in KPM some time ago.Įxperts remind that in March 2019, Kaspersky Lab released an update for KPM, promising that now the application will be able to identify weak passwords and generate more reliable replacements for them. Three months later, the Ledger Donjon team found that KPM was not doing very well with this, as it used a pseudo-random number generator that did not produce enough random results to generate strong passwords. In particular, the characters in the passwords were generated and placed in a not entirely random way.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |