iPhone Password Flaw Discovered - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices

iPhone Password Flaw Discovered

Once the emergency call keypad is accessed through the passcode entry screen, a person only needs to double tap the home button.

The Apple iPhone password that's used to protect personal information can be easily circumvented, according to users.

Circumventing the password involves the use of the device's "emergency call" keypad and amounts to only a couple of taps on the iPhone's multitouch screen, according to reports of the flaw on the forum of the MacRumors Web site.

Once the emergency call keypad is accessed through the passcode entry screen, a person only needs to double tap the home button, which takes the user to the iPhone's favorites section. From there, a person gets full access to the device, including applications, contact lists, and e-mail.

The apparent flaw, however, has a simple fix. Through the iPhone's "settings" option, a person only has to disable double tapping on the home button to make the device secure once again, users reported.

Apple did not respond to a request for comment.

IPhone security is a key issue in use of the device on corporate networks. Getting businesses to adopt the iPhone was a major focus in Apple's release of version 2.0 of the iPhone operating system over the summer. Find out what 2,000 IT professionals told InformationWeek about their plans and priorities for securing their companies' assets. Download the report here (registration required).

Nevertheless, security issues have arisen with use of the iPhone. InformationWeek, for example, reported potential security problems in using Apple's tools for creating custom configuration files that can be used to provision large numbers of iPhones on an enterprise environment.

In addition, the iPhone Mail and Safari applications in July were found to be vulnerable to URL spoofing. Security researcher Aviv Raff reported the problem and recommended that users not click on links to get to trusted sites, like online banks; but rather type URLs in manually until the problem is resolved.

Raff has criticized Apple for its handling of Safari security, saying the company has failed to learn from past browser design mistakes.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
How CIOs Can Advance Company Sustainability Goals
Lisa Morgan, Freelance Writer,  5/26/2021
IT Skills: Top 10 Programming Languages for 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/21/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll