Is it Webroot Mobile that is asking "Enter your password to continue"?

  • 27 June 2016
  • 2 replies
  • 84 views

This morning I found a Webroot SecureAnywhere Mobile Complete screen up on my phone with 4 items it believes are threats.  There is an "enter your password to continue" dialog but no good way to confirm it is from web root.  Hitting the back button makes the password dialog go away, but it comes back when I next do something in the app.  This seems to indicate it is a webroot thing, particularly since all 4 of the threats it detected are semi-false positives (the software does contain exploits, but it is part of a rooting toolkit and some analysis software which do actually utilize exploits legitimately).
 
It's a little odd though because I've previously marked those items as being safe, so I'm not sure why they are back again or why I'd be getting a password prompt this time.  Was there some type of software update that changed system behavior?  Is the dialog legitimate?  As another feature suggestion, it might be good to have an ability to use OTPs for this kind of situation.  Perhaps allow generation of a one time password from the webroot website that could be used from a known good computer that can be used when prompting on a potentially compromised device.  Training users to enter their passwords in to a dialog they didn't initiate themselves is not a good practice.
 
(Additional wierd note, by continuously ignoring the prompt and hitting back, I was still able to add the software back to the ignore list and do everything I needed in Webroot, which seems extremely odd if it was promptingi me.  The prompts stoped when I switched out of Webroot, so it seems like it was Webroot asking, but why was it asking if it wasn't actually needed?

2 replies

Userlevel 7
Badge +62
Hello Ajh16,
 
Welcome to the Webroot Community 
 
i am am sorry that I cannot answer the issues that you are having.
 
The latest update was as shown here: https://community.webroot.com/t5/Announcements-and-Release-Notes/Android-version-3-8-1-7707-June-13-2016/m-p/257805
 
My best advise is to follow up with the Support Team and Submit a Support Ticket to see what they have to say conncerning this matter. I do not want to give you false information since I have not had this happen to me.on my mobile devise running WSAC. These threats may very well be a false positive and may need to be whitelisted.
 
If you have an idea or a Feature Request and the Developors can consider this  and we on the Forum can kudo the idea as well.
 
Hope this helps?
Userlevel 7
Badge +62
Hello again Ajh16,
 
Sorry I didn't mention the Mobile User Guide! Encase you didn't have it?:D

Reply