Troubleshooting technical issues is much easier when both the user and support agent practice clear communication. For this reason, we have provided the template below for you to fill out with information about your issue. Please provide as much detail as possible so we can most efficiently resolve your problem.
Description of the issue:
After attempting to access your saved passwords, iOS Brave Browser will use the lock screen for the passwords, with the cancel button, for ALL authentications, until the app is restarted from the app switcher. A person unsuspecting of this vulnerability can then have their browser accessed by anyone by simply pressing Cancel when prompted for authentication.
How can this issue be reproduced?
- Make sure your Browser Lock is turned on, and access your saved passwords
- Go to the iOS home menu, and reopen the app
- You will now see the interface for the password lock, with the cancel button
- Press cancel and snoop around on the person’s tabs because this browser’s lock just got bypassed
It will only return to using the browser lock WITHOUT the cancel button if you close and restart the app from the app switcher
There should NEVER be a cancel button when opening the browser.
Brave Version( check
1.56 (184.108.40.206). Latest as of this posting.
Mobile Device details
iPad Mini 5, iPadOS 16.6
I posted a video demonstrating this epic fail of a security flaw. Link is here: https://youtu.be/up8634utByc