Passwords stored in plain text after Lion update
Legacy FileVault users (those who used FileVault before Lion) running a recently updated version of Mac OS X Lion should consider changing their login passwords. According to a report in ZDNet, an Apple programmer inadvertently left a debug flag in the latest 10.7.3 version of Mac OS X that turns on a system-wide debug log file. This log file stores the user's login passwords in plain text and is located in an unencrypted area.
Any user with admin or root access can read this file, grab the login credentials and access your encrypted data. If you use Time Machine to backup your system, this log file is also available from your archive.
This glitch affects users who enabled FileVault encryption, upgraded to Lion and kept folders encrypted using FileVault. FileVault 2 users are not affected by this bug. This glitch was first noticed by an Apple Support Community member who posted about the plain text passwords back in February.
Share
Deals of the Day
more dealsSoftware Updates
more updates- Agile Partners releases Lick of the Day 2.0
- Microsoft Office for Mac 2011 Update 14.3.4
- Pixelmator 2.2 available with over 100 new features and improvements
- DabKick for iPhone lets you share photos, watch videos and now listen to music in real-time
- Google Now added to search app on iPhone, iPad
- GateGuru for iPhone has been updated and greatly improved
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.