Monday, September 16, 2019
Home Security Google stored some business passwords as plain text
In this Monday, Nov. 5, 2018, photo, a woman carries a fire extinguisher past the logo for Google at the China International Import Expo in Shanghai. Internet traffic hijacking disrupted several Google services Monday, Nov. 12, 2018, including search and cloud-hosting services. (AP Photo/Ng Han Guan)

Google stored some business passwords as plain text


Facebook isn’t the only big tech company found to be storing passwords in plain text. Google has warned G Suite users that an “error” in a password recovery implementation left some of their passwords unhashed on its internal systems since 2005 until that method was discontinued.

Other plain passwords had been temporarily stored since January 2019, Google said. All those systems were encrypted, and there was “no evidence” that someone had misused the info, but it still raised the possibility that an intruder could have direct access to logins if they cracked the encryption.

The company isn’t taking any chances despite the lack of known breaches. It’s asking G Suite administrators to change passwords, and it’s automatically resetting passwords for those who do nothing. Consumer Google accounts aren’t affected by the flawed approach.

[Read More]


Please enter your comment!
Please enter your name here