Came across this article today on forbes.com and was recently thinking about signing up for LastPass to actually keep track of my passwords because I'm looking to get away from just having Google Chrome remember all of my passwords for obvious reasons, is there anyway to really keep track of your passwords securely?
https://www.forbes.com/sites/kateoflahertyuk/2019/02/20/password-managers-have-a-security-flaw-heres-how-to-avoid-it/#457fd4a54e16
'So major password manager firms will be feeling the heat today after a report from Independent Security Evaluators (ISE) found fundamental flaws that expose user credentials in computer memory while locked. According to the researchers, this renders them “no more secure than saving passwords in a text file”.'
'The ISE evaluated 1Password, Dashlane, KeePass and LastPass, which are used by a total of 60 Million users and 93,000 Businesses globally. It found that all the products failed to provide the security to safeguard a user’s passwords “as advertised”.'
'the researchers found that in some circumstances, the master password was residing in the computer’s memory in a plain text readable format.'
The original report by ISE here:
https://www.securityevaluators.com/casestudies/password-manager-hacking/