Using Password Managers On Your Phone? Security Experts Have THIS Warning – News18

It is a hard task to remember passwords for all your accounts and that’s where the password managers help you keep all the passwords in one place. But security experts have warned about a major issue with the password managers that can expose your credentials to any bad actor that can take advantage of the loophole in these apps.

The issue was reported by researchers from the International Institute of Information Technology (IIIT) in Hyderabad, India during the Black Hat conference in Europe. So what is the issue with password managers that affects millions of users?

The researchers have talked about the vulnerability called ‘autospill’ which is linked to the autofill password feature available on Android phones. Google has set up a WebView page where the autofill password operates without opening the web browser.

The autospill issue confuses the password manager about where to autofill the password and this is where these apps can leak the passwords to the base app by mistake, the researchers have been quoted in this report. The worrying part is that popular password managers like 1Password, LastPass, Keeper and Enpass have been tested and reported to have this flaw. These apps were tested on Android phones with the latest software update.

The developers of these apps and Google have been informed about the flaw and they have talked about working on a fix and in the meanwhile warn users about the dangers caused by the autospill issue.

Some password managers aren’t sure if the findings do raise any alarm bells and are seeking more details from the researchers to get to the root of the problem. The issue has been reported on Android so far because they have only tested it on Android devices. But soon, the researchers will test the issue on iOS devices as well.