The list of tested apps includes MyPasswords , Informaticore , LastPass , Keeper , F-Secure Key , Dashlane , Hide Pictures Keep Safe Vault , Avast Passwords , and 1Password . All tested apps were installed on at least 500,000 devices , with some apps having millions of users . The research team says Vulnerability-related.DiscoverVulnerability these apps featured Vulnerability-related.DiscoverVulnerability different kinds of security flaws , listed below : `` The overall results were extremely worrying and revealed Vulnerability-related.DiscoverVulnerability that password manager applications , despite their claims , do not provide enough protection mechanisms for the stored passwords and credentials , '' the research team concluded Vulnerability-related.DiscoverVulnerability . `` Instead , they abuse the users ' confidence and expose them to high risks . '' In total , security researchers found Vulnerability-related.DiscoverVulnerability 26 security bugs , ranging from low to critical-level issues . The research team went public with their findings at the start of the week . Initially , app makers fixed Vulnerability-related.PatchVulnerability 23 of the 26 flaws , with Avast still lagging behind on three issues . Nevertheless , by March 1 , Avast had also patched Vulnerability-related.PatchVulnerability its product , and now users can update Vulnerability-related.PatchVulnerability to the applications ' latest versions to mitigate Vulnerability-related.PatchVulnerability all issues discovered Vulnerability-related.DiscoverVulnerability during the research . The research team 's name is TeamSIK ( Security Is Key ) , made up of several security professionals from the Fraunhofer Institute for Secure Information Technology in Darmstadt , Germany . Vulnerability reports Vulnerability-related.DiscoverVulnerability for most of the found issues are available on TeamSIK 's project homepage