Did you know that passwords such as your email password, VPN password and your WiFi password are stored unencrypted on your iPhone 4, and that these passwords can easily be accessed by anyone with physical access to your phone – even if it’s locked with a password?
Today the Fraunhofer Institute presented a simple way to retrieve stored passwords on your iPhone 4 – even if it’s locked with a 4-digit PIN or a strong password. While the contents of the phone are encrypted (all application data is encrypted, which means that passwords stored in mobile Safari are safe), it seems that the keychain file that stores passwords for email accounts, VPN passwords and WiFi connections is NOT encrypted.
So hold on tight to your iPhone and don’t lose it until Apple fixes this. My guess is that this is NOT just a simple fix, and might require significant re-engineering to resolve.
Update on Feb 11: Added clarification that not all passwords are stored unencrypted. However, for most corporations I believe that the email, VPN and WiFi passwords are the most important ones – and they are stored unencrypted.

