iOS 8 Security Flaw Shows Parts of Your Password in Autocomplete

Discussion in 'Apple iPad News' started by dgstorm, Sep 29, 2014.

By dgstorm on Sep 29, 2014 at 3:12 PM
  1. dgstorm

    dgstorm
    Expand Collapse
    Editor in Chief
    Staff Member

    Joined:
    Jul 27, 2011
    Messages:
    619
    Thanks Received:
    144
    [​IMG]

    A security researcher recently discovered something a bit frightening in iOS 8. Apparently, when you have the QuickType predictive feature activated in iOS 8, it will actually suggest parts of your password as part of its predictive typing feature. Here's a quote with an example,

    Ouch! This is a major security issue. If someone gets hold of your device, they can probably fool around with it long enough to get it to tell them part of your password. Obviously this is something that Apple is probably working on in one of their updates they plan to release, but in the mean-time, you should turn off the QuickType predictive feature, just to be safe.

    To do that you need to turn “Predictive” to OFF in the Settings > General > Keyboard.

    Source: BGR
     

Comments

Discussion in 'Apple iPad News' started by dgstorm, Sep 29, 2014.

    1. twerppoet
      twerppoet
      Hmm. A major issue if you let other's use your device, or don't lock your device. Otherwise the window of opportunity is between the time you set your device down and the time it auto-locks.

      If you're not in the habit of setting your device down and leaving it unattended where unscrupulous others dwell, the issue is less important.

      Of course, there is always the device snatcher. They could try going straight to your Apple ID sign-in and try to figure out that password. A good reason to head to the nearest computer or your other device and do a remote wipe. Since they can't guess while off the internet, you've got a good chance of killing the iPad before they have your password. Assuming that password is not 1 2 3 4. (movie Spaceballs reference)

      Still, a security problem is a problem, and I hope Apple addresses it soon.
    2. Ser Aphim
      Ser Aphim
      Unless if you have a passcode or aren't careless your as good as gold. I think this is a bit more convenient, but I would prefer it if it would be a separate feature in iOS.

      Anyways I don't like predictive text so I'm on the safe side here.
    3. twerppoet
      twerppoet
      I like the predictive text. It helps me check my spelling without having to turn on the overly helpful autocorrect. :)

Share This Page