Google acknowledges storing user passwords in plain text for 14 years

The technology firm said it had discovered a security vulnerability that could cause the account password of a large number of G Suite users to be saved as plain text.

On an article posted on Google's blog, the technology firm said it had discovered a security vulnerability that could cause the account passwords of a large number of G Suite users to be saved as documents. pure version. It is worth mentioning that this vulnerability existed in 2005, but it was not until 14 years later that it was discovered.

In addition, Google added that only a few G Suite users are affected by this security hole, and fortunately so far have not found any evidence that the vulnerability has been Exploit or bad guys have obtained user passwords.

Google claims that hackers can hardly access these passwords even in plain text because they are stored on its servers.

Google acknowledges storing user passwords in plain text for 14 years Picture 1Google acknowledges storing user passwords in plain text for 14 years Picture 1

This vulnerability is caused by an administrator of the enterprise resetting the user password for G Suite applications manually. Then, the administrator's control panel will save the employee's new passwords under plain text instead of encrypting them with hash functions.

Google acknowledges storing user passwords in plain text for 14 years Picture 2Google acknowledges storing user passwords in plain text for 14 years Picture 2

Currently, Google has fixed the error. This is not the first time a user's password has been stored in plain text. In early 2018, after discovering a serious error in the system, Twitter recommended all 330 million users change their passwords. In March this year, Facebook also acknowledged storing passwords for more than 600 million users in plain text, and more than 20,000 employees can read them.

3.5 ★ | 2 Vote