CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
      • Biometrics-and-auth
        • Acl-changes
        • Keychain-always-accessible
        • Keychain-sync
        • Local-biometrics
        • Missing-user-auth
        • No-verify
        • Pass-fallback
          • Keychain passcode fallback
      • Commoncrypto
      • Cryptoswift
      • Insecure-communication
      • Lang
      • Pathtraversal
      • Sql
      • Sqllite
      • Webview
      • Webview
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Pass-fallback

Keychain passcode fallback

keychain-passcode-fallback

The application was observed to store keychain items that leverage user authentication but allow the passcode fallback. Biometric modalities are considered more secure than 4 or 6 digit pincodes on iOS, and should be preferred over the passcode.
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 7
- 2
- :
-

- L
- e
- a
- s
- t
-

- P
- r
- i
- v
- i
- l
- e
- g
- e
-

- V
- i
- o
- l
- a
- t
- i
- o
- n
Verify biometric changesHardcoded iv
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.