CodeQL documentation

Exposure of sensitive information to UI text views

ID: java/android/sensitive-text
Kind: path-problem
Security severity: 6.5
Severity: warning
Precision: medium
   - security
   - external/cwe/cwe-200
Query suites:
   - java-security-extended.qls
   - java-security-and-quality.qls

Click to see the query in the CodeQL repository

Sensitive information such as passwords should not be displayed in UI components unless explicitly required, to mitigate shoulder-surfing attacks.


For editable text fields containing sensitive information, the inputType should be set to textPassword or similar to ensure it is properly masked. Otherwise, sensitive data that must be displayed should be hidden by default, and only revealed based on an explicit user action.


In the following (bad) case, sensitive information in password is exposed to the TextView.

TextView pwView = getViewById(;
pwView.setText("Your password is: " + password);

In the following (good) case, the user must press a button to reveal sensitive information.

TextView pwView = findViewById(;
pwView.setText("Your password is: " + password);

Button showButton = findViewById(;
showButton.setOnClickListener(new View.OnClickListener() {
    public void onClick(View v) {


  • © GitHub, Inc.
  • Terms
  • Privacy