Sunday, July 24, 2011

Android stores your password in plain text!
Posted on
  • Sunday, July 24, 2011
  • by
  • Unknown
  • , in
  • , .
  • Android-password-plain-textWhat may be a shocking revelation, is now unbelievable. For all you android users out there – you are in for a serious security loophole.

    Let me first elaborate it:

    Whenever you access your email account through your android and you let your password be stored – for future ease of access, then – Android stores the password in a SqlLite Database, which, in turn, stores this password on the phone memory (the file system) – In PLAIN TEXT.

    What makes this even worse is the number of viruses out there for the Android operating System, which includes many of the numerous apps out there in the Android Market.

    According to this issue on the Android’s Google Code page, this is the following issue 697 people (at the time of writing) had to complain:

    The password for email accounts is stored into the SQLite DB
     which in turn stores it on the phone's file system in plain
     text.

    Encrypting or at least transforming the password would be
     desirable.

    If you are on android, then be sure to NOT allow your phone to store email account on your phone, till a possible patch is released.

    Subscribe to more tutorials

    Your privacy is taken very seriously.
    Share article: | Subscribe to RSS:

    0 Responses to “Android stores your password in plain text!”

    Post a Comment

    Modified Mash2 theme being used