Abstract
User has an ID and password for each of the multiple Internet services. This can lead to administrative difficulties by having multiple IDs and passwords, and may cause other sites to be compromised by information leakage from one site due to the use of similar IDs and passwords. Password managers are increasingly used to solve these problems. The password manager manages the user account information to provide the user with the convenience of management and security against vulnerable IDs and passwords. However, a vulnerability exists in the password manager. This paper analyzes vulnerability of password manager in Android environment based on related research and suggests possibility of all account information leakage and countermeasures.
| Translated title of the contribution | Method of hijacking a user account using a password manager vulnerability |
|---|---|
| Original language | Korean |
| Pages (from-to) | 9-18 |
| Number of pages | 10 |
| Journal | 디지털포렌식연구 |
| Volume | 12 |
| Issue number | 1 |
| DOIs | |
| State | Published - 2018 |