Pandora autologin question

Discussion in 'iPad Apps' started by aperry, May 22, 2010.

  1. aperry macrumors 6502a

    Joined:
    Jul 12, 2008
    #1
    I've restored my iPad a couple of times for various reasons. I've installed Pandora after each restore and each time it automatically loaded my account, without asking me for my username/password.

    My question: How does it do this? I would guess nothing is cached, since the restore would wipe this out. So is it identifying my MAC address and automatically logging me in based on that?

    That would seem odd (and insecure) to me, since I could return this device to the Apple store and then the next owner would automatically see my Pandora account.
     
  2. superstrikertwo macrumors 65816

    superstrikertwo

    Joined:
    Jun 9, 2008
    Location:
    California
  3. aperry thread starter macrumors 6502a

    Joined:
    Jul 12, 2008
    #3
    Nope. Not restoring to a backup. I'm curious if anyone else has tried this.
     
  4. Kahnyl macrumors 68000

    Joined:
    Feb 2, 2009
    #4
    Some apps use your UDID like a cookie. I've restored fresh multiple times and Pandora always remembers me. I've had other apps do the same.

    There was a story years ago about someone who sold their iPhone and the new buyer bought an app, opened it, and some info about the other person loaded.
     
  5. aperry thread starter macrumors 6502a

    Joined:
    Jul 12, 2008
    #5
    I figured it was something like this and I'm surprised. It seems like an obvious security hole and I don't know why they can't cache the encrypted credentials locally (which would be wiped when you restore). Obviously Pandora isn't exactly a mission critical app, but they do have passwords on accounts for a reason.
     

Share This Page