Skip to main content

On the Security of Password Manager Database Formats

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 7459)


Password managers are critical pieces of software relied upon by users to securely store valuable and sensitive information, from online banking passwords and login credentials to passport- and social security numbers. Surprisingly, there has been very little academic research on the security these applications provide.

This paper presents the first rigorous analysis of storage formats used by popular password managers. We define two realistic security models, designed to represent the capabilities of real-world adversaries. We then show how specific vulnerabilities in our models allow an adversary to implement practical attacks. Our analysis shows that most password manager database formats are broken even against weak adversaries.


  • Security Analysis
  • Security Notion
  • Database Format
  • Choose Plaintext Attack
  • Passive Adversary

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. Trusteer: Reused Login Credentials,

  2. Herzberg, A.: Why Johnny can’t Surf (Safely)? Attacks and Defenses for Web Users. Computers & Security 28(1-2) (2009)

    Google Scholar 

  3. Dhamija, R., Tygar, J., Hearst, M.: Why Phishing Works. In: SIGCHI Conference on Human Factors in Computing Systems. ACM, New York (2006)

    Google Scholar 

  4. RomanLab Co. Ltd.: USB password manager: When your password database is right where you need it,

  5. Siber Systems, Inc.: Roboform2go for USB drives,

  6. Portable Apps: Keepass password safe portable,

  7. 1Password: Automatic Syncing Using Dropbox,

  8. KeePassDroid: Dropbox and KeePassDroid,

  9. AgileBits, Inc.: 1password,

  10. Vanhove, M.: Kypass,

  11. Pellin, B.: Keepassdroid,

  12. Google: Get a fast, free web browser,

  13. Mozilla: Firefox,

  14. Microsoft: Internet Explorer 9,

  15. KeePass – A Free and Open-source Password Manager,

  16. Muiznieks, R.: Passdrop,

  17. PINs, Secure Passwords Manager,

  18. Password Safe – Simple & Secure Password Management,

  19. Pilhofer, F.: Password Gorilla,

  20. Siber Systems, Inc.: RoboForm,

  21. Gaw, S., Felten, E.: Password Management Strategies for Online Accounts. In: SOUPS 2006. ACM Press, Pittsburgh (2006)

    Google Scholar 

  22. Katz, J., Yung, M.: Unforgeable Encryption and Chosen Ciphertext Secure Modes of Operation. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 284–299. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  23. Bellare, M., Namprempre, C.: Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. J. Cryptology 21(4) (2008)

    Google Scholar 

  24. Google: Protect your synced data,

  25. Mozilla: Firefox Sync for Mobile,

  26. Frazier, M.: Sync Firefox from the Command Line,

  27. Microsoft Dev Center: CryptProtectData function,

  28. AgileBits, Inc.: 1password agile keychain design,

  29. GNU zip: The GZIP homepage,

  30. Bernstein, D.J.: The Salsa20 Family of Stream Ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  31. Gasti, P., Rasmussen, K.: On The Security of Password Manager Database Formats. Technical report, UCI (2012), Available from Cryptology ePrint Archive,

  32. Damgaard, I., Nielsen, J.: Expanding Pseudorandom Functions; or: From Known-Plaintext Security to Chosen-Plaintext Security. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 449–464. Springer, Heidelberg (2002)

    CrossRef  Google Scholar 

  33. Password Safe V3 Database Format,

  34. Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C.: Twofish: A 128-Bit Block Cipher. Current 21(1) (1998)

    Google Scholar 

  35. Ferguson, N.: AES-CBC + Elephant diffuser A Disk Encryption Algorithm for Windows Vista. Technical report, Microsoft Research (2006)

    Google Scholar 

  36. Luo, H., Henry, P.: A Common Password Method for Protection of Multiple Accounts. In: International Symposium on Personal, Indoor and Mobile Radio Communication (2003)

    Google Scholar 

  37. Blasko, G., Narayanaswami, C., Raghunath, M.: A Wristwatch-Computer Based Password-Vault. Technical report, IBM Research Division (2005)

    Google Scholar 

  38. Englert, B., Shah, P.: On the Design and Implementation of a secure Online Password Vault. In: ICHIT 2009. ACM Press (2009)

    Google Scholar 

  39. Bonneau, J., Preibusch, S.: The Password Thicket: Technical and Market Failures in Human Authentication on the Web. Information Security 8(1) (2010)

    Google Scholar 

  40. Belenko, A., Sklyarov, D.: “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really? Technical report, Elcomsoft Co. Ltd. (2012),

  41. Katz, J., Lindell, Y.: Introduction to Modern Cryptography. Chapman & Hall/CRC (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gasti, P., Rasmussen, K.B. (2012). On the Security of Password Manager Database Formats. In: Foresti, S., Yung, M., Martinelli, F. (eds) Computer Security – ESORICS 2012. ESORICS 2012. Lecture Notes in Computer Science, vol 7459. Springer, Berlin, Heidelberg.

Download citation

  • DOI:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33166-4

  • Online ISBN: 978-3-642-33167-1

  • eBook Packages: Computer ScienceComputer Science (R0)