On the Security of Password Managers

The blog post links to research revealing that server-side control or compromise of major password managers (Bitwarden, Dashlane, LastPass) can allow data theft or decryption of user vaults in certain configurations—notably when account recovery, vault sharing, or grouping features are used—and suggests using local-only tools like Password Safe to avoid these risks.