PasswordPilot Pro Automatically Enters Password While Downloading Apps And Updates [Jailbreak Tweak]

One of the annoying things while downloading or updating apps from the App Store is that, iOS always prompts you to enter your Apple ID account password. While it seems prudent to enter the password when you’re downloading a paid app, it seems unnecessary when you want to download a free app or an app update from the App Store (assuming you lock your iPhone with a passcode).

If you’ve jailbroken your iOS device then you could check out PasswordPilot Pro – a jailbreak tweak released few days back.

PasswordPilot Pro is developed by Filippo Bigorella who has also developed jailbreak tweaks such as CleverPin that we wrote about earlier today, Springtomize – a jailbreak tweak that allows you to customize almost all aspects of iOS, SMS+  – a jailbreak tweak that enhances the native Messages app.

With PasswordPilot Pro, you enter your account credentials once via Settings app (Settings -> PasswordPilot Pro -> Accounts -> Add Account) and it takes care of entering the password when you want to download an app or app updates, so it saves you the hassle of entering it again. The password is stored securely (using NSA-approved encryption standards).

If you’re like us and not comfortable with the tweak automatically entering the password for paid apps, then you can disable it using the Settings app (Settings -> PasswordPilot Pro-> tap on the App Store toggle). It would have been pretty cool if we could enable this feature for free apps.

PasswordPilot Pro works with the App Store, iTunes Store, iBooks, Find My Friends and also In-App purchases (wherever iOS prompts you for the Apple ID account password). It also supports multiple accounts.

You can also set a master password so that PasswordPilot Pro settings cannot be overridden by someone who has access to your iPhone or iPad.

You may say that we’re being too lazy, but PasswordPilot Pro like CleverPin is another useful jailbreak tweak by Filippo. It is available in Cydia for $1.99.

Let us know what you think of PasswordPilot Pro in the comments.

Like this post? Share it!
  • Andy

    Nice tweak!

  • cjefbg

    I wouldn’t go so far as to say the password is stored securely: the situation is exactly the same as DRM. No matter what encryption method is used, the app needs to be able to decrypt the password if it’s to make use of it, which means that both the encrypted password, and the key to decrypt the encrypted password are on the same device.

    Any claims about the security of the encryption algorithm become irrelevant, because retrieving the key is far easier than breaking the encryption. DVD, Blu-Ray and HDMI all use an ‘encryption’ scheme like this, and they’ve all been broken, because the situation is analogous to locking your front door, then instead of taking your keys with you, hiding them under the doormat.

    The most secure way to do this (without cooperation from the App Store) would be to ask for the password every time the device is booted, then keep it in memory and never write it to the disk. The password can still be extracted by strapping the app to a debugger, but that was always the case anyway.

    • pontiac

      only fool people will use this tweak..

      • cjefbg

        There’s very little risk to having your Apple password compromised, provided the following are true:

        1) Your Apple password is not re-used anywhere else
        2) Your Apple password is not re-used on the device, for instance as your root, SSH, or SMB/CiFS password
        3) You don’t use any Apple services apart from the App Store

        If you don’t use iCloud, (including its related services like Find My iPhone, calendars, photos, mail), then there’s no personal information secured by your Apple password to compromise.

        An attacker with your password can’t view your credit card details; the only thing they can do is buy you apps with your money. The only way to monetise such an exploit would be to buy apps/IAPs that were published by the attacker, and that’s pretty traceable.

        The other risk is having your password changed on you, which would be inconvenient, but not damaging.

        Finally, retrieving the password from this app would require access to the device (either physical or remote), so as long as you don’t lose it, and your other passwords are secure, there’s little risk of compromise.

  • ifonix

    nice, save few seconds and hassle. but 2$? i’m not stingy person and will pay good money for good tweaks and app’s. i donate to developers and will do it in de future again.
    and more important.. read again what cjefbg witten here above.

  • We use it and this is must install Cydia App…

  • cjefbg

    I’m not paying $2 just to try this, but what happens if you’ve set paid apps to require a password, and then someone buys a free app, then within the fifteen-minute window tries to buy a paid app?

    Does it automatically switch off the fifteen minute grace period, does the app get bought, no password required, or does it depend on whether you’ve set Restrictions to 15 Minutes or Immediately?

    • cjefbg

      For ‘buys a free app’ read ‘installs updates’.

  • Junky228

    If you’re like us and not comfortable with the tweak automatically entering 4he password for paid apps, then you can disable it using…

    You mean the password, right