Google acknowledges storing user passwords in plain text for 14 years
On an article posted on Google's blog, the technology firm said it had discovered a security vulnerability that could cause the account passwords of a large number of G Suite users to be saved as documents. pure version. It is worth mentioning that this vulnerability existed in 2005, but it was not until 14 years later that it was discovered.
In addition, Google added that only a few G Suite users are affected by this security hole, and fortunately so far have not found any evidence that the vulnerability has been Exploit or bad guys have obtained user passwords.
Google claims that hackers can hardly access these passwords even in plain text because they are stored on its servers.
This vulnerability is caused by an administrator of the enterprise resetting the user password for G Suite applications manually. Then, the administrator's control panel will save the employee's new passwords under plain text instead of encrypting them with hash functions.
Currently, Google has fixed the error. This is not the first time a user's password has been stored in plain text. In early 2018, after discovering a serious error in the system, Twitter recommended all 330 million users change their passwords. In March this year, Facebook also acknowledged storing passwords for more than 600 million users in plain text, and more than 20,000 employees can read them.
You should read it
- Facebook admits storing millions of user passwords in plain text
- What is the smartest and safest way to store passwords?
- How Linux stores and manages user passwords
- The last 9 years Firefox has not protected user passwords carefully
- Vulnerabilities discovered in many web browsers that allow users to be tracked through installed applications
- Detecting a serious security vulnerability on macOS, this 18-year-old youth refused to disclose it because Apple did not pay the bonus
- IBM developed a new technology to patch security holes
- There are vulnerabilities that allow hackers to bypass the fingerprint security mechanism of Lenovo computers
- The NSA identifies 4 'critical' security vulnerabilities of cloud systems
- Detecting vulnerabilities in BitTorrent applications allows hackers to control user computers
- How do websites protect your passwords?
- Microsoft warns of the dangerous usage habits of millions of users
Maybe you are interested
How to Easily Move All Passwords from iPhone to Android
This list of common passwords shows how little we understand about online security
Are complex passwords 'out of date'?
More than 60% of passwords are cracked by AI in less than 60 seconds
Create passwords for apps and games on iPhone 6, 5s, 5
Why should you store passwords in Bitwarden?