The Register: Kaspersky Password Manager’s random password generator was about as random as your wall clock

The Register: Kaspersky Password Manager’s random password generator was about as random as your wall clock . “In March 2019, security biz Kaspersky Lab shipped an update to [Kaspersky Password Manager], promising that the application could identify weak passwords and generate strong replacements. Three months later, a team from security consultancy Donjon found that KPM didn’t manage either task particularly well – the software used a pseudo-random number generator (PRNG) that was insufficiently random to create strong passwords. From that time until the last few months of 2020, KPM was suggesting passwords that could be easily cracked, without flagging the weak passwords for users.”

Leave a Reply

%d bloggers like this: