Skip to content

Sensitive data stored in keyboard cache

Sensitive data stored in keyboard cache

Description

Android stores non-numeric words in the keyboard cache. Sensitive information like login or passwords may leak if the auto-correction the feature is not disabled.

Recommendation

Standards

  • OWASP_MASVS_L1:
    • MSTG_STORAGE_5
  • OWASP_MASVS_L2:
    • MSTG_STORAGE_5