Skip to main content

FaceTime for Mac beta has big security flaw

Into every life a little rain must fall, or so they say — so hot on the heels of the release of beta Facetime software which lets Mac users chat to their iPhone-using buddies, a German Mac website is warning there’s a nasty security gremlin in the code.

Principally, miscreants can easily get access to a FaceTime user’s Apple ID and reset the password, the site warns.

“Once you’ve logged into FaceTime you can have a look at all the account settings of the used Apple ID. Username, ID, place and birth date are shown as well as the security question and the answer to it – in plain text, without another password request.”

The site warns that accessing and changing the password is relatively easy — and there’s one more thing:

“When you choose “Log Out” from the top menu, the password remains in the password field, even when restarting the application. That shouldn’t be the case tho: Applications should remove passwords from the password field as soon as the application is closed.”

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel