iOS 13 & iPadOS bug said to allow unauthenticated access to usernames & passwords
Credit:
Apple Insider
A bug in the current iOS 13 and iPadOS betas reportedly allows people to bypass security and access usernames and passwords in the Settings app — though in practice, the issue is a relatively minor threat.
Within the app, people can repeatedly tap on the "Website & App Passwords" option and bypass Face ID, Touch ID, or a passcode, iDeviceHelp noted on Monday. The issue is minor as a device must already be unlocked to access Settings.
Apple has been warned about the problem, but has yet to acknowledge it. Betas are inherently prone to bugs however, making it likely Apple will patch the vulnerability before the finished versions of iOS 13 and iPadOS launch this fall.