Skip to main content

ViaForensics: 10 pct of iOS, Android apps store clear text passwords

ViaForensis app data (Aug 2011)
Image used with permission by copyright holder

Almost everyone with a smartphone knows there’s some risk to carrying around apps that handle passwords, email, photos, personal info, and access to financial information on a device that you can easily leave unattended on a desk or sitting on a counter in a coffee shop. But just how many apps put users at risk? According to Chicago-based digital forensics company ViaForensics, a lot: their new Mobile App Security study finds that a full 10 percent of Android and iOS apps tested store passwords as clear text, completely unprotected if anyone should get ahold of a device. Furthermore, some 76 percent of apps tested store usernames in plain text—and while usernames might not seem terribly important to secure, sometimes they’re just the info a criminal or stalker needs to get to more-important info.

“Based on the results of this study, there is a serious potential threat for identity or financial theft if a lost smartphone should fall into the wrong hands,” ViaForensics wrote. “For instance, if a cybercriminal is able to steal one password, coupled with all of the usernames recovered, would pose a serious threat for someone who uses the same password on many accounts.”

ViaForensics rated apps on a three-stage Pass-Warn-Fail system. A “Pass” rating meant that the company couldn’t find sensitive data it was looking for, or if the data was successfully encrypted. ViaForensics gate an app a “Warn” rating if they were able to uncover data but didn’t believe the exposed information put the user at significant risk, while a “Fail” rating meant ViaForensics was able to pull information like passwords and accounts numbers.

Of the 100 apps tested, 39 received a failing grade. Some 44 apps rated a warning, and only 17 got a “pass” rating.

Broken down by category, some 32 financial applications faired relatively well, with 14 passing and 10 receiving a warning: that means eight failed, including Mint for iPhone and Android, along with Wikiinvest and Square for the iPhone. Social networking apps, however, failed miserably, with none receiving a passing mark and a stunning 14 out of 19 failing. Retail apps also faired badly: of 14 apps tested, none passed, 12 for a warning, and 2 failed.

Overall, ViaForensics noted Apple made significant headway with iOS security with iOS 4.0, but notes that iOS users can’t afford to sit back and ignore potential risks from apps.

ViaForensics’ ratings for individual apps are available via their appWatchdog site.

Editors' Recommendations

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
This one thing could make iOS 18 the best iPhone update in years
The Home Screen on the iPhone 15 Pro Max.

Apple’s WWDC 2024 is just a couple of months away. As with every WWDC, we’ll see what Apple has in store for the next generation of software across its hardware portfolio, including the iPhone with iOS 18.

Rumors have been swirling about iOS 18 and how it will be “one of the biggest updates yet.” We know some features like RCS support in Messages are definitely coming, with other whispers of big home screen customization changes and more.

Read more
How to add a different home screen wallpaper on iOS 17
An iPhone with iOS 16, showing the new Lock Screen.

If you haven't used an iPhone in a while, or if you haven't tried to update your lock screen, they you might be happy to learn about some of the new customization features that are available in iOS 17. Although iOS has made some controversial changes to its UI, such as moving the notifications to the bottom of the lock screen, they are also more welcome changes to the customization options for the lock screen.

Introduced in iOS 16 was a slew of lock screen customization features to let you tweak your phone's lock screen to your liking, and these same features are available in iOS 17 as well. While the lock screen used to be just a static image, you can now make it more dynamic with options like cycling through collections of your photos, so you can show off your favorite photos of your pets, your family, or beautiful locations that you've visited.

Read more
When will Apple release iOS 18? Here’s what we know
An iPhone 14 laying face-down on a wood table.

Apple's annual Worldwide Developers Conference (WWDC) will start on Monday, June 10. During the conference keynote, the company is expected to unveil new software updates for its major products, including iOS 18 for iPhones.

iOS 18 is expected to be a major iPhone update, likely ushering in a new design and AI features. If you are wondering when you can get your hands on the latest software version, here's everything you need to know about iOS 18's release date.
When will the iOS 18 beta be released?

Read more