Password manager security papers

like? As the release history from last pass has listed several security fixes since those articles like auto fill-in.

 

Yes, I know. However, I'm not in a position to judge if all those vulnerabilities mentioned in those papers have been fixed. In any case, an official reply if Lastpass was aware of those papers/vulnerabilities would have been ... well ... nice to say the least. I mean we place high confidence in them (and FWIW, I myself am a paying customer), and in return we can expect that they take security concerns/questions seriously, IMHO.

 

Not to defend them but if they start answering in a public forum about each one of the claims circulating around they will never end. I would first wonder if the authors of the papers did submit those vulnerabilities via official vulnerabilities channels. A quick CVE check did not lead to any evidence. So, most likely the usual approach of preference for visibility versus professionality. On top, if you are a paying customer you can contact their support directly and ask for clarification. Vulnerabilities are a delicate matter and they may not simply like to discuss it in a public forum.