The abundance of various online services we use every day require a responsible approach to protecting them. The most reliable and perhaps simplest way to protect yourself from hacking is to protect every service really complex password. Unfortunately, remember it is sometimes much harder than to invent. In such situations come to the aid of the so-called password managers that can not only generate a solid combination, but keep it secret from outsiders. But not on Android.
According to the publication ZDNet , citing a survey of experts in the field of information security of the University of Genoa, password managers for Android almost unable to distinguish the fake services and applications. Thus, when a phishing resource for genuine applications give the fraudsters and password, and an email address used for authorization. Irony of all, that in this case, the complexity of security combinations for which we are managers, not matter.
The best password managers for Android
Surprisingly, before the fraudulent sites and vulnerable even the most authoritative and seemingly most secure password managers:
How to cheat a password Manager
The reason why password managers give the user credentials, lies in the peculiarities of their functioning. The vast majority of them check the authenticity of the application or service before authorizing, directing the request to the associated URL. If the response is positive, the Manager inserts the password and allows login. However, the vulnerability in Android allows scammers to spoof the authorization packet, forcing the Manager to accept the fake for the original.
Password Manager from Google
Fortunately, not all password managers are vulnerable. For example, Smart Lock from Google can not be deceived, palming off his forgery. This default Manager is preinstalled on all devices running Android 5.0 and higher, and so is immediately available to the vast majority of users.
To discuss this and other news Android in our Telegram chat.