Explore the security vulnerabilities of popular password managers in this 41-minute RSA Conference talk. Dive into the intricacies of how master passwords and stored secrets are handled during different states of password manager operation, including when logged out or locked. Examine the anatomy of password managers, their workflow, and terminology. Analyze security guarantees in various states such as "Not Running" and "Running:Unlocked." Witness demonstrations of attacks on password managers in different states, including a specific demo attack on 1Password in the "Running:Locked" state. Learn about a Windows bug discovery affecting LastPass and its mitigation. Gain insights into applying this knowledge for improved security practices and understand the implications for future password manager development.