Quote of the Day: “If I get my hands on someone’s lost phone, it could take me ten minutes to find an account username and password.”

An uncomfortably large percentage of mobile applications are storing sensitive user account information unencrypted on owners’ smartphones, according to a new survey of 100 consumer smartphone apps.

Click to enlarge.

Some 76 percent of the apps tested stored cleartext usernames on the devices, and 10 percent of the tested applications, including popular apps LinkedIn and Netflix, were found storing passwords on the phone in cleartext.

Conducted by digital security firm ViaForensics, the testing occurred over a period of over eight months and spanned multiple categories, ranging from social networking applications to mobile banking software. The firm tested apps only for iOS and Android, the market’s leading mobile platforms.

“If I get my hands on someone’s lost phone, it could take me ten minutes to find an account username and password,” said Ted Eull, techology services vice president at ViaForensics, in an interview. (The Bad App List.)

Read up on what to do about it, here.