Apple iPhone users beware, all your IDs and passwords are at risk of you’re running this OS version.
Apple is yet to release the final, consumer version of its next iOS version, iOS 13. But until that happens, the iPhone maker has been rolling out the developer and public betas of the operating system with a sole aim to get feedback and fix bugs before it reaches everyone. But you still have several million already running iOS 13 public or developer beta versions to not just test but also experience the new features before others. These users in particular may have their IDs and passwords at risk due to a bug that exposes them way too easily than expected.
As reported by 9to5Mac (via Reddit), the bug is found in iOS 13 developer beta 3 and second public beta. The bug lets users access the ‘Website and App Passwords’ section under the Settings app. Anyone with an unlocked iPhone can simply access the section, bypassing the touchID and faceID security layers by repeatedly tapping the ‘Website and App Passwords’ menu. This will lead to iOS 13 revealing all the passwords and logins.
9to5Mac confirmed the vulnerability and it has also been shown in a video by iDeviceHelp. GadgetsNow can confirm this issue is not taking place in iPadOS for now. However, for those iPhone users who are running the latest iOS 13 beta versions, this is a serious security flaw. Reddit, where the issue cropped first, has several users complaining about it. Many have already reproduced the flaw on iPhone XS Max, iPhone X, iPhone 7, iPhone 8 Plus among other iOS 13 eligible iPhone models.
Some were even able to notice the flaw on iPad tablets. “Was able to replicate this as well on iPhone X, XS, XS Max, and 3rd Gen iPad Pro running beta 3 (latest version). Quite the bug there. Nice catch,” commented one of the Reddit users on the post.