search

buttercup / buttercup-mobile

:iphone: React-Native mobile application for Buttercup
https://buttercup.pw
GNU General Public License v3.0
392 stars 69 forks source link

[iOS] Password field value is not obfuscated #283

Closed casasfernando closed 2 years ago

casasfernando commented 2 years ago

I can't remember right now, but I'm pretty sure that in versions prior to v2.0.0 the password field value was obfuscated in the GUI.

In any case since v2.0.0 password field values are not obfuscated so while trying to get a username, OTP code or any other field from an entry the password value is clearly visible which I believe can be a security issue.

Any chance that this can be obfuscated like in the desktop app?

iOS version: 15.2 Buttercup version 2.0.1

Thanks.

perry-mitchell commented 2 years ago

It was obfuscated in v1, but forgot to add it in v2.. Will add it again..