Google stored some passwords in plain text for fourteen years

In today's blog post, we announced a bug that caused some of our G Suite users to save passwords in clear text. This bug has occurred since 2005. But Google says it can not find any evidence that someone's password was improperly accessed. Reset passwords that might be affected and notify your G Suite administrator of the problem.

G Suite is an enterprise version of Gmail and other apps from Google, and apparently there was a bug in this product. company. Initially, the company manager of the G Suite application could manually set the user password before the new employee boarded it, but the administrator saved the password in plain text instead of hashing. We have removed manager privileges in the future.

Our posting goes a long way towards explaining how cryptographic hashing works to make sure the nuances surrounding this bug are clear. The password was stored in plain text, but because it was stored as plain text inside Google's servers, it became more difficult than when I just connected to the open Internet. Although Google has not spoken so explicitly, it seems that people want to get rid of this bug in the same category as other leaked plain text passwords.

And ah, wired There were many things like notes. Twitter encouraged all of its 330 million users to change their passwords again in March due to violations. Facebook stored the password for [수억 개] in plain text in a manner accessible to 20,000 employees . Instagram had to keep in mind that Facebook violations actually affected millions of Instagram users.

Google did not characterize the number of users affected by this bug beyond the 2005 G Suite user affecting "part of the Enterprise G Suite customer." We were unable to find evidence of malicious use of this access. It is not clear who has access to this plain text file.

Anyway it has been fixed now and we regret posting on the whole issue.

We take corporate customer security very seriously and we take pride in developing industry best practices for account security. Here we did not meet our own standards or customer standards. I apologize to the user and will do better.

Please Note: This content is provided and hosted by a 3rd party server. Sometimes these servers may include advertisements. igetintopc.com does not host or upload this material and is not responsible for the content.