1Password V.5.1.2 Security flaw on iPhone iOS 8.1.2
I found the following security flaw: I opened the app, typed in my master password, and had to close the app before hitting "go" (enter). The app remained running in the background, and when I opened the app back up, my password was still entered. All I had to do was press "go" to access the app. I would consider this a major security bug and should be addressed. Anyone could have accessed my passwords just by opening the app and pressing "go" if I failed to hit "go" after typing my master password.
Additionally, there is no in-app way to contact Support to report things like this.
Comments
-
Hi @jidrobbins
Thanks for letting us know about this. I'll file an improvement request with our developers and see what they say. :)
Additionally, there is no in-app way to contact Support to report things like this.
There is. Inside the app under Settings > Help there is a button to visit these discussion forums.
Thanks!
ref: OPI-2116
0 -
There is. Inside the app under Settings > Help there is a button to visit these discussion forums
Yes, that is how I found this, however it required joining a forum, which could dissuade some people from reporting issues. Thanks
0 -
Thanks for the feedback!
0
