Safari 6.0.5 Stores Passwords In The Text File

By | December 16, 2013


Safari 6.0.5 Stores Passwords In The Text File

Who needs encryption anyway?

If you’re still using Safari 6.0.5 on Mac OSX 10.8.5 or 10.7.5, then it’s a good time to ditch it.

According to the recent discovery by Kaspersky Labs, there is a serious issue with the way Safari handles last session data. Basically, to gain access to your passwords and IDs, all you have to do is open LastSession.plist file and that’s it.

The data is not encrypted and the only thing that Apple did to “increase the security” was set that file attributes to “hidden”.

Pretty neat.


About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

Comments (4)

Trackback URL | Comments RSS Feed

  1. Tiago Sá says:

    Not for the first time too. Safari is and has always been the Internet Explorer of the Mac OS.

  2. Tiamat says:

    I know Safari was discontinued for Windows since 5.1.7 but has anyone been able to continue development on Windows?

    • MeHRaN says:

      And why on earth should anyone be interested in doing that?
      By the way, you could install Mountain Lion on a VM and run the latest version of Safari on it.