
Forensically-Sound Analysis of Security Risks of using Local Password Managers

Gray, Joshua; Franqueira, Virginia N. L. and Yu, Yijun (2016). Forensically-Sound Analysis of Security Risks of using Local Password Managers. In: 1st International Workshop on Requirements Engineering for Investigating and Countering Crime, 13 September 2016, Beijing, IEEE.


Password managers have been developed to address the human challenges associated with password security, i.e., to solve usability issues in a secure way. They offer, e.g., features to create strong passwords, to manage the increasing number of passwords a typical user has, and to auto-fill passwords, sparing users the hassle of not only remembering but also typing them. Previous studies have focused mainly on the security analysis of cloud-based and browser-based password managers; security of local password managers remains mostly under-explored. This paper takes a forensic approach and reports on a case study of three popular local password managers: KeePass (v2.28), Password Safe (v3.35.1) and RoboForm (v7.9.12). Results revealed that either the master password or the content of the password database could be found unencrypted in Temp folders, Page files or Recycle bin, even after the applications had been closed. Therefore, an attacker or malware with temporary access to the computer on which the password managers were running may be able to steal sensitive information, even though these password managers are meant to keep the databases encrypted and protected at all times.

Item Type: Conference or Workshop Item
Copyright Holders: 2016 IEEE
Project Funding Details:
Funded Project Name | Project ID | Funding Body
Police Knowledge Fund | Not Set | HEFCE
Adaptive Security And Privacy (XC-11-004-BN) | 291652 | EC (European Commission): FP (inc. Horizon2020 & ERC schemes)
Keywords: Password Managers; Authentication; Security Risk; Digital Forensics
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Policing Research and Learning (CPRL)
Centre for Research in Computing (CRC)
Item ID: 46871
Depositing User: Yijun Yu
Date Deposited: 26 Jul 2016 14:00
Last Modified: 23 Jan 2017 14:05