Report: Dozens of Very Popular Mobile Apps Vulnerable to Password Cracking

Monday Jul 20th 2015 by Developer.com Staff

CNN, ESPN, Expedia and Walmart apps are among those that don't limit password attempts.

Security vendor AppBugs is calling out mobile development firms that do not limit password attempts on their apps. If an app allows unlimited password guesses, it makes it possible for hackers to use lists of popular passwords to try to figure out users' passwords. In fact, some believe it was support for unlimited password attempts that allowed hackers to steak celebrity photos from iCloud last year.

AppBugs says that dozens of apps that have more than 300 million downloads allow unlimited password attempts. It has contacted the developers about the problem, but CNN, ESPN, Slack, Expedia, Zillow, SoundCloud, Walmart, Songza, iHeartRadio, Domino’s Pizza, AutoCAD and Kobo haven't fixed their apps despite having more than 90 days to do so.

View article

Mobile Site | Full Site