For those of you who think that your iPhone will thwart any criminal, we’ve got news for you: Someone can find your password in less than six minutes without any password cracking.
Researchers Jens Heider and Matthias Boll at Germany’s Fraunhofer Institute Secure Information Technology (Fraunhofer SIT) performed a fast jailbreak and installed an SSH server (which is not allowed by Apple, hence the necessity for the jailbreak). Then , they ran a short keychain access script which popped out the passwords and screen names. It wasn’t only the security code for your phone: The researchers were able to get Google Mail, VPN and MS Exchange passwords among others stored on your phone.
Heider and Boll suggest that if you lose your iPhone you begin to immediately change all your passwords since it is so easy to get access to work email and other personal accounts.
[via LA Times]
More on TIME.com:
“Credit Card Bait” In-App Purchases Worries Parents
Too Many Web Logins? That May Change
A Day After CEO Is Hacked, Facebook Rolls Out New Security Features