On the security of password manager database formats

Findings from this paper show that most password managers are easily broken and use storage formats that are easily accessible, even to weak adversaries. The work does, however, show that it is possible to theoretically construct a format that is secure, that’s usable and that uses low computation power.