Password managers are not invulnerable. But don’t tell anyone



Password managers are great. But they are not infallible.

It turns out, doing the right thing is not always the best idea.


What we mean to say is that the author of recently published research found out first-hand that just because someone manages to examine various flaws in the market’s premier password managers does not mean that the platform on which that someone works will not kick that someone off it.


The platform in question is Bugcrowd.


Bugcrowd, as some of you might already know, is the most popular platform for people to report vulnerabilities in various pieces of software.


The latest incident happened after a company that the author named in his research actually made the effort to report the author to the platform.


Apparently, the company felt the author actually violated the terms of the service contract of Bugcrowd.


More specifically, Bugcrowd had no problems in shutting down the account of Adrian Bednarek.


As mentioned just now, apparently he deliberately violated Bugcrowd’s rules on issues such as unauthorized disclosure.


Adrian did that by telling a specific reporter about a security vulnerability that existed in LastPass.


LastPass, as most of us already know, is the most used password management service on the internet at the moment.


As it turns out, the security vulnerability is actually an old bug that some other researcher had previously pointed out as well in a report.


However, the password managers in question still had not fixed the security vulnerability.


Adrian Bednarek also ..
