Elcomsoft Finds Major Flaws in Mobile Password Apps


Russian software company Elcomsoft recently published the results of a study examining 17 different password management apps for iOS and BlackBerry devices.

"Those results are disturbing," Infosecurity reports. "'Only one password management app for the iOS platform, DataVault Password Manager,' notes Elcomsoft, 'stores passwords in secure iOS-encrypted keychain.' Overall, the content of the 10 of the seventeen password keepers can be recovered in less than a day, which is 'guaranteed if user-selectable master password is 10 to 14 digits long.'"

"In short, the majority of password keepers for iOS and Blackberry, designed to enhance users’ security, actually reduce it," the article states.

Go to "Password managers on mobile devices -- fail" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.