Germany’s Federal Office for Information Security (BSI) tested ten password manager programs. The review found that three of them stored passwords in ways that could theoretically allow developers to access them, posing a security risk that requires urgent fixes.
Despite these shortcomings, the BSI stressed that password managers remain far safer than using simple or repeated passwords. Several companies have already begun implementing improvements or pledged to do so.
Together with the Consumer Protection Center of North Rhine-Westphalia, the BSI also reviewed privacy policies. About half of the tested programs showed efficient data handling, either collecting no personal information or only what was strictly necessary.
Sources - Agencies
