CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
        • Biometrics-and-auth
          • Acl-changes
          • Keychain-always-accessible
          • Keychain-sync
          • Local-biometrics
          • Missing-user-auth
            • Keychain without user auth
          • No-verify
          • Pass-fallback
        • Commoncrypto
        • Cryptoswift
        • Insecure-communication
        • Lang
        • Pathtraversal
        • Sql
        • Sqllite
        • Webview
        • Webview
      • Terraform
      • Typescript
      • Yaml
    Missing-user-auth

    Keychain without user auth

    keychain-without-user-auth

    The application was observed to store keychain items that do not leverage user authentication. Requiring the user to provide authentication increases the confidence that the person using the phone is indeed authorized to view the information being retrieved.
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - C
    - W
    - E
    - -
    - 2
    - 8
    - 7
    - :
    -

    - I
    - m
    - p
    - r
    - o
    - p
    - e
    - r
    -

    - A
    - u
    - t
    - h
    - e
    - n
    - t
    - i
    - c
    - a
    - t
    - i
    - o
    - n
    OWASP:
    - A02:2017 - Broken Authentication
    - A07:2021 - Identification and Authentication Failures
    Insecure biometricsVerify biometric changes
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.