Passwords unencrypted?!

redplate

Senior Member
Feb 8, 2009
858
244
73
Hi. i've just found today a file named "accounts.db" stored in /data/system. if i open this file i can see all accounts (names with password) i use on my mobile, like Email or HTC Acc. And they are all (excepted google's account) unencrypted. And even if i delete all my email-accounts, the entry in this file is still present.

so if you lost your mobile, be sure that guy can read your passwords for your email accounts.

My question is: Is it possible to encrypt this file or keep my passwords on an android mobilephone safe...? i know google and its a very suspect OS, but this is.. lousy.
 
Last edited:

Digital Outcast

Retired Moderator
Jul 26, 2006
1,986
102
0
Woodstock, GA
Hi. i've just found today a file named "accounts.db" stored in /data/system. if i open this file i can see all accounts (names with password) i use on my mobile, like Email or HTC Acc. And they are all (excepted google's account) unencrypted.

so if you lost your mobile, be sure that guy can read your passwords for your email accounts.

My question is: Is it possible to encrypt this file or keep my passwords on a android mobilephone safe...? i know google and its an very suspect OS, but this is.. lousy.
http://www.androidcentral.com/android-passwords-rooted-clear-text

Only advice I can say is invest in a decent wrist strap, something like what comes with a Wii remote controller :cool:

GG Google!