HIGH | Vulnerabilities | Schneier on Security

On the Security of Password Managers

A recent academic study from ETH Zurich and Università della Svizzera italiana identified 25 distinct attack methods that undermine the "zero-knowledge encryption" claims of major cloud-based password managers, including Bitwarden, LastPass, and Dashlane. The attacks, which assume a malicious or compromised server, exploit design weaknesses in features like account recovery (key escrow), credential sharing, item-level encryption, and backward compatibility, allowing an adversary to recover plaintext passwords, modify vault contents, or fully compromise vaults with minimal user interaction. While specific CVSS scores and fixed version numbers are not provided in the source material, the researchers followed responsible disclosure, and users are advised to ensure all client applications are updated to their latest versions to mitigate known patched vulnerabilities.

Good article on password managers that secretly have a backdoor. New research shows that these claims aren't true in all cases, particularly when account recovery is in place or password managers are set to share vaults or organize users into groups. The researchers reverse-engineered or closely analyzed Bitwarden, Dashlane, and LastPass and identified ways that someone with control over the server—either administrative or the result of a compromise—can, in fact, steal data and, in some cases, entire vaults. The researchers also devised other attacks that can weaken the encryption to the point that ciphertext can be converted to plaintext. This is where I plug my own Password Safe. It isn't as full-featured as the others and it doesn't use the cloud at all, but it's actual encryption with no recovery features.
