If you go into settings
safari
passwords and auotfill
saved passwords
then click any website
after typing your lock code you can see your full ID and Password for all websites visited.
I think this is a serious security issue. All someone needs is your code and they can have access to all your passwords.
Shouldnt the passwords be encrypted or just show dots?
iPhone 4S, iOS 7
HI
did you find answer ?
it seems critical but there is not much discussion about it in the internet.
It is in my opinion a great security issue.
This is not possible, the passcode is the "only" protection towards keeping this data safe. All browsers handles the keychain in the exact same way.
Chrome
http://www.engadget.com/2013/08/07/chrome-saved-passwords/
Firefox
https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-pas swords
Internet Explorer
robertangelini wrote:
If you go into settings
safari
passwords and auotfill
saved passwords
then click any website
after typing your lock code you can see your full ID and Password for all websites visited.
I think this is a serious security issue. All someone needs is your code and they can have access to all your passwords.
Shouldnt the passwords be encrypted or just show dots?
Don't you have a serious password to be able to get into the phone in the first place? What do you mean by "All someone needs is your code and they can have access to all your passwords"? Even if your "code" is "03MaClRiHe&48"?
IOS7 shows full passwords for all safari websites. How can I encrypt stored passwords?
