Site icon MacTech.com

Researchers say they can predict iOS-generated hotspot passwords

iOS 7.jpg

Although iOS generates seemingly random passwords for its hotspots to eliminate the use of “default” passwords, researchers at a German university have found that they are able to break these passwords in under a minute, reports “ZDNet” (http://tinyurl.com/n7haj5f).

Researchers at the University of Erlangen in Germany say they’ve found a flaw in the automatically generated pre-shared keys used in Apple’s iOS hotspots. They say the method in which these passwords are generated leaves them vulnerable to attack.

According to their paper, “Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots,” the passwords are a combination of a short dictionary word followed by a series of random numbers. This does allow each password to be different, but, according to the researchers, an attacker can easily determine what passwords iOS uses for its defaults, because there’s a limited list of words that are used to generate the password, notes “ZDNet.”

Exit mobile version