Starbucks Confirms Storing Unencrypted User Passwords in iPhone App
Starbucks Confirms Storing Unencrypted User Passwords in iPhone App is a post by Craig Lloyd from Gotta Be Mobile.
If you’re a big fan of using the Starbucks app on your iPhone, today’s news might make you change your mind. According to Computerworld , Starbucks confirmed that its iPhone app stored username and password data in plain text and unencrypted.
This means that anyone with access to your phone can see your username and password just by connecting the phone to a computer and viewing the crash logs. Furthermore, if you have Location Services enabled in the app (useful for locating Starbucks locations around you), anyone can also get a list of geolocation tracking points to see where you’ve been.
Starbucks is well aware of how it stores usernames and passwords on the app, but the company says that your personal information is safe anyway, noting that it made changes and implement security measures to make sure that no one can steal your credentials, although the company didn’t mention what these security measures were.
So why aren’t usernames and passwords encrypted on the Starbucks app? Convenience. Users only have to log in once, and from there they can use the app without ever having to log in again. If Starbucks were to encrypt passwords, users would have to log in each time they wanted to use the app. Furthermore, it doesn’t seem like Starbucks is moving quickly to fix this issue, as the app hasn’t been updated in months.
Then again, someone who wanted your Starbucks password would need to steal your phone first, and they would need a little know-how in order to download the right data to their computer in order to see your password. Nonetheless, it’s not exactly comforting knowing that Starbucks really doesn’t seem to care about unencrypted passwords, since convenience is more important to them. And if there’s one thing you should know about brute security, it’s that there’s nothing convenient about it.
Starbucks Confirms Storing Unencrypted User Passwords in iPhone App is a post by Craig Lloyd from Gotta Be Mobile.
via Gotta Be Mobile http://ift.tt/1eUMPq0
Ditulis oleh Unknown
Rating Blog 5 dari 5
0 komentar:
Posting Komentar