Kaspersky is a Russian, Moscow-based cybersecurity and anti-virus provider. This helps to redirect hackers' attention from the problem that still exists. The program's interface includes a one-second animation of rapidly shifting random characters that obscure the moment the actual password gets generated. Right now, the password manager will generate identical passwords at any given time anywhere in the world. The company advised to change or regenerate all passwords created before October 2019 but assured users that all of the public versions of Kaspersky Password Manager that were liable to this issue, now have a new system of password generation. A hacker would have a need to know additional information usually, the time when the password was generated in order to crack it. The safety system used by Kaspersky seemed to overlook basic threats and focus mainly on huge issues. An attacker would have to know the time of password generation The company states that as of right now, security issues have been fixed. It was admitted that previously used password generator was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. Įven though Kaspersky was informed about the problem back in June 2019 and even released the fixed version, the company published a new security advisory only on 27 April 2021. This method aimed to create passwords hard to break for standard password hackers but it does lower the strength of the generated passwords against dedicated tools. It seems that Kaspersky Password Manager used more of a complex method to generate its' passwords and the result came to be quite negative. The program used a PRNG not suited for cryptographic purposes and all the passwords it created could be brute-forced in just a few seconds. Apparently, the Kaspersky program didn't use additional sources of entropy other than the current time. Kaspersky Password Manager that could generate random passwords came to be random in itself. Passwords made with the Kaspersky tool can be brute-forced. ![]() ![]() ![]() Issues with password generation tool revealed: Kaspersky knew about easily cracked passwords back in 2019
0 Comments
Leave a Reply. |