password saved by default android Browser

Vote:
 

When I study about default browser in android, I see the password that saved by it does't encrypt. Is it security threat? Is there any way to an android application that reads these password and abused them (with respect to this is possible to read browser history)? Is there any CISSP way to encrypt these passwords?

Update: I see the passwords saved in /data/data/com.android.browser/webview.db file. Does cookies for default browser save in this file, too? If it is true, the sites access to this file for read and write cookies, and then a malicious app that resides on a site, can be access to webview.db.

#285153
Aug 08, 2022 7:07
This thread is locked and should be used for reference only.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.