Password Managers: Security, Risks, and Forensic Implications
November 18th, 2025 by Oleg Afonin
Password managers have become a common part of everyday digital life, helping users handle hundreds of online accounts. They simplify authentication and reduce the need to remember complex credentials, yet the same centralization that makes them convenient also concentrates risk. Modern platforms from Apple, Google and Microsoft all ship with built-in password managers, and many users rely on third-party apps for the same purpose.
iOS DFU Mode Starter: Automating the Apple Dance
April 1st, 2012 by Olga Koksharova
Switching iPhones into a DFU (Device Firmware Update) mode is a hassle. Power off, press that and hold those that many seconds, release this but continue holding that until hopefully something happens on the phone. Many iPhone users have major troubles switching their iPhones into DFU mode. Luckily for them, they don’t have to do the Apple Dance too often.
Mobile password keepers don’t keep the word
March 16th, 2012 by Olga Koksharova
We’ve analyzed 17 popular password management apps available for Apple iOS and BlackBerry platforms, including free and commercially available tools, and discovered that no single password keeper app provides a claimed level of protection. None of the password keepers except one are utilizing iOS or BlackBerry existing security model, relying on their own implementation of data encryption. ElcomSoft research shows that those implementations fail to provide an adequate level of protection, allowing an attacker to recover encrypted information in less than a day if user-selectable Master Password is 10 to 14 digits long.
Updated iOS Forensic Toolkit Ready for iOS 5.1, Tries Top 100 Common Passcodes First
March 12th, 2012 by Olga Koksharova
Today, we released an updated version of iOS Forensic Toolkit. It’s not as much of an update to make big news shout, but the number of improvements here and there warrants a blog post, and is definitely worth upgrading to if you’re dealing with multiple iPhones on a daily basis.
Breaking Wi-Fi Passwords: Exploiting the Human Factor
March 8th, 2012 by Olga Koksharova
Attacking Wi-Fi passwords is near hopeless if a wireless hotspot is properly secured. Today’s wireless security algorithms such as WPA are using cryptographically sound encryption with long passwords. The standard enforces the use of passwords that are at least 8 characters long. Encryption used to protect wireless communications is tough and very slow to break. Brute-forcing WPA/WPA2 PSK passwords remains a hopeless enterprise even if a horde of GPU’s is employed. Which is, in general, good for security – but may as well inspire a false sense of security if a weak, easy to guess password is selected.
ElcomSoft Discovers Most of Its Customers Want Stricter Security Policies but Won’t Bother Changing Default Passwords
February 22nd, 2012 by Olga Koksharova
We runned yet another Password Usage Bahaviour survey on our Web site and gthered statistically significant data, reflected in the following charts. And the main conclusion was that most people working with sensitive information want stricter security policies but rarely bother changing default passwords.
Newer iOS Forensic Toolkit Acquires iPhones in 20 Minutes, Including iOS 5
November 1st, 2011 by Olga Koksharova
iOS 5 Support
EPPB: Now Recovering BlackBerry Device Passwords
September 29th, 2011 by Andrey Belenko
Less than a month ago, we updated our Elcomsoft Phone Password Breaker tool with the ability to recover master passwords for BlackBerry Password Keeper and BlackBerry Wallet. I have blogged about that and promised the “next big thing” for BlackBerry forensics to be coming soon. The day arrived.
