31-03-2025 08:18 PM - last edited 31-03-2025 08:26 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
31-03-2025 08:40 PM - last edited 31-03-2025 08:41 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
31-03-2025 08:42 PM - last edited 31-03-2025 08:44 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
31-03-2025 08:43 PM - last edited 31-03-2025 08:45 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
31-03-2025 08:51 PM - last edited 31-03-2025 08:52 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
31-03-2025 08:59 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
I agree that it is a concern and a security flaw in this ituation so worth reporting. An oveall review of the merits of Samsung Pass in this article. https://www.allthingssecured.com/reviews/password-managers/samsung-pass/
I do not work for Samsung or make Samsung Products but provide independent advice and valuable contributions.
31-03-2025 09:14 PM - last edited 31-03-2025 09:23 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
I'm guessing it is supposed to run a check but it just doesn't
31-03-2025 10:23 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
What if you use only fingerprints for Samsung Pass?
31-03-2025 10:48 PM - last edited 31-03-2025 11:01 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
Meaning it bypasses your fingerprint, as long as they know the device unlock code. This could be found by looking over your shoulder when you unlock your phone
To be fully clear, that means the unlock to turn your phone on. They do not need to know the samsung pass pin or anything else.
Enabling that setting should require your fingerprint or samsung pass pin. But it just doesn't.
(This is an example, I of course would never do this)
So if I knew your phone pin and had the phone, I could get into your samsung pass without needing a fingerprint or the samsung pass pin by just enabling "use screen lock". With that access, I could find your samsung account details. Since your phone is a 2fa method, that would let me steal the samsung account. Then reset the phone using the password for the samsung account. I would have gained a new reset phone and locked you out of the account.
If samsung added protection to this setting. I would have no way into your samsung pass meaning no account stealing and no phone reset. You would remotely track and lock the phone, protecting your data.
Again, would never do this, do not do this. I think explaining the attack really shows my point
31-03-2025 11:06 PM - last edited 31-03-2025 11:08 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
