S-Memo stores Google Account credentials in plain-text, rooted users at risk

By on

It has been revealed that Samsung’s S-Memo app stores a user’s Google Account’s password in plaintext. And while it isn’t issue for most users, those who have rooted their phones are at risk as it is accessible.

According to XDA Developers, Samsung stores the password inside a SQLite database. The problem was found on a Galaxy S III running Ice Cream Sandwich and has to do with the /data partition being readable by any app in the /system partition. Again, this is only for devices that have been rooted, not for those still running the version that Samsung pre-installed.

Though while those who haven’t rooted their phones are not at risk, apparently, it is a bigger concern that Samsung stores your password as plain text. Who the hell does that?

Rooted users are advised to be wary of apps. According to Phone Arena, it could become a possible concern as more and more apps are storing data this way.

Join the Conversation