Click to Skip Ad
Closing in...

Massive iOS 8 flaw suggests parts of your password in autocomplete

Published Sep 29th, 2014 2:28PM EDT
iOS 8 Security Holes QuickType
Image: Zach Epstein, BGR

This could potentially be a significant problem for anyone who has installed iOS 8 on their device. iDownload Blog points us to a new report from that claims iOS 8’s QuickType smart keyboard feature will actually suggest parts of your password as part of its predictive typing feature.

MORE iOS FOLLIES: Apple admits to ruining your new iPhone 6, says iOS 8.0.2 is coming soon

As an example, iDownload Blog notes that one user in Apple’s Support Communities has claimed that their keyboard has started “offering ‘OrangeJuice’ as a suggestion each time he would type in ‘AppleUser’ because QuickType remembered the ‘OrangeJuice!2’ password he previously used to log in to Outlook Web App.” Even worse, the user reported that QuickType would even suggest “other passwords from other services and old passwords that I already changed.”

Since people typically use the same passwords for a variety of different accounts, even having just one of them compromised could be potentially disastrous. And as Jennifer Lawrence and other celebrities have discovered, you really, really don’t want people to know your Apple ID password if you’ve uploaded nude pictures onto iCloud.

This issue was first flagged last week by German security research Stefan Esser, who was surprised that QuickType suggested his password even though it wasn’t a regular word.

iDownload Blog recommends that anyone with iOS 8 turn off the QuickType predictive feature until Apple addresses the issue.

Prior to joining BGR as News Editor, Brad Reed spent five years covering the wireless industry for Network World. His first smartphone was a BlackBerry but he has since become a loyal Android user.