“The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time. All the passwords it created could be bruteforced in seconds.”


They used math.random() on the web version y’all. This is a “security” company. I’m speechless.


@aral they are fine security company but like any big corporation not all of their service are priority i.e. source of income.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!