Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on February 10, 2011

Researchers reveal iPhone passwords in under six minutes

Researchers reveal iPhone passwords in under six minutes
Matt Brian
Story by

Matt Brian

Matt is the former News Editor for The Next Web. You can follow him on Twitter, subscribe to his updates on Facebook and catch up with him Matt is the former News Editor for The Next Web. You can follow him on Twitter, subscribe to his updates on Facebook and catch up with him on Google+.

German researchers Fraunhofer SIT have demonstrated processes that enable a would-be attacker to compromise and reveal passwords stored in a locked iPhone in under six minutes, without having to crack the phone’s passcode.

The attack, brought to our attention by PC World, will be worrying to those who utilize a passcode lock to protect their iPhone devices, especially if a phone is stolen, as it can reveal passwords for corporate networks and other sensitive data.

The attack requires possession of the iPhone and targets the handsets individual keychain, the iPhone’s password storage platform. Researchers, utilising existing exploits, are simply able to jailbreak the device, install an SSH server on the device that allows them to run queries and execute third-party software on the phone.

Once access to the phone has been established, researchers were then able to copy a script to the phone that would access the keychain on the device. In-built system functions are employed to open the keychain and then output all of the users passwords, removing the need to physically crack any of the devices protection methods.

Passwords revealed in the attack include Gmail and Exchange passwords, LDAP acounts, voicemail, VPN and Wi-Fi passwords and even some application passwords.

Fraunhofer SIT created a video to demonstrate the attack:

The researchers at Fraunhofer SIT warn owners of a lost or stolen iPhone to instantly change their password:

“Owner’s of a lost or stolen iOS device should therefore instantly initiate a change of all stored passwords. Additionally, this should be also done for accounts not stored on the device but which might have equal or similar passwords, as an attacker might try out revealed passwords against the full list of known accounts.”

A paper with full details of the attack’s results can be accessed here – you might hold on to your iPhone that little bit tighter after reading it.