Your mobile password manager might be exposing your credentials

Due to a flaw in the autofill feature of Android applications, some well-known mobile password managers are unintentionally disclosing user passwords.

University researchers at the IIIT Hyderabad have discovered a vulnerability they have dubbed “AutoSpill,” which can expose users’ saved credentials from mobile password managers by evading Android’s secure autofill mechanism. This research was presented this week at Black Hat Europe.Ideally, the password manager should only autofill into the loaded Google or Facebook page when the autofill feature is triggered. However, we discovered that the autofill feature can inadvertently reveal the login credentials to the main application.

Your mobile password manager might be exposing your credentials

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Your mobile password manager might be exposing your credentials

07-Dec-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address