Kaspersky Password Manager was caught creating weak passwords that were easy to brute-force.
We will first see an example of a good password generation method, then explain why the method used by Kaspersky was flawed and how we exploited it. As we will see, passwords generated by this tool can be brute-forced in seconds.
After a bit less than two years, this vulnerability has been patched on all versions of KPM. The vulnerability has been assigned CVE-2020-27020.
Check It Out: Kaspersky’s Password Manager Created Weak Passwords