This is why I feel that all password managers that store passwords are fundamentally flawed. Who has verified the crypto used to store the passwords? Has it been implemented by devs who thought they knew crypto (but really don't) as this article suggests?
