On April 27, Reddit user u/Divinux, also known as the 33-year-old German IT expert Andre, alerted other crypto users on the platform by posting that the predictive text feature of his phone was able to guess his seed phrase. Andre said that ‘predictive typing remembers your used words and will suggest the second word as soon as you type the first one, especially if it’s a word you commonly use.’
Andre shared in his post that it would be easy for hackers to use the feature to drain crypto users of their funds if they can predict the first word in the seed phrase from the Bitcoin Improvement Proposal (BIP39) word list, a list of easy-to-remember words that helps serve as a backup recovery password.
‘This makes it easy to attack, get your hands on a phone, start any chat app, and start typing any words off the BIP39 list, and see what the phone suggests.’
In an interview with CoinTelegraph on May 1, Andre shared that he was also ‘stunned’ the moment that his phone managed to predict the first couple of words from his seed phrase. He said that he first took it as a coincidence. However, the same thing happened to him again after a couple of tries.
This is when Andre realised how problematic it would be for crypto users if their data were compromised because of the predictive text feature of their phones. He then decided to tell people about it, to warn those who have typed their seed phrases into their phones.
According to Andre’s experiments, Google’s Gboard seems to be the most protected keyboard software, since it can’t predict the sequence of the words in a seed. Meanwhile, Microsoft’s SwiftKey predicted the seed phrase word for word.
Andre suggested a safety measure for other users, saying that they should clear their predictive type cache to prevent their keyboard applications from predicting their passwords and seeds.
Andre’s post proved concerning for other crypto users on the platform, with users like Deathbyfish13 saying that they ‘didn’t realise there was such a disadvantage to using mobile for crypto, lucky I’ve mostly been using desktop anyway.’
On the other hand, other users such as Maleficent_Plankton are sceptical about Andre’s finding, saying that ‘technically, keyboard applications are designed to ignore password fields.’ They further explained that keyboards do not store the contents of password fields in the word suggestions used for predictive text. Crypto experts have not yet commented on the issue.