Google exposes G Suite issue that stored plain-text passwords on its servers for 14 years - sharpebeight1953
Google has begun forcing "a subset of our enterprise G Cortege customers" to modify their passwords after an issue that unknowingly left wing passwords exposed for more than a X.
In a post to its Google Cloud web log Tuesday, the society defined an error ready-made back in 2005 that stored a copy of actual substance abuser passwords rather than the usual disorganised "hashed" version, thus making it possible for an outside attack to gain access to usable passwords. Google explains that the issue has been fixed and the company has "seen no evidence of irregular access to Oregon misuse of the emotional passwords."
Google says the passwords were nonmoving stored on its "secure encrypted infrastructure," thus the likelihood of an outside attack was low.
Google blames a legacy feature article set for the publication. Back in 2005, G Retinue domain administrators were given the ability to place and find passwords along the client slope for their own users, so they needed access to unhashed passwords. Google has since jettisoned this functionality and requires each G Suite passwords to be readjust sort o than recovered, just like Gmail.
Additionally, Google unearthed a separate supply that started in January that also led to unhashed passwords beingness stored for up to 14 days. Like the strange return, Google has nonmoving the problem and hasn't found some demonstrate of "unseemly access to or misuse of the wonder-struck password."
As a result, Google is informing all impressed clients to change impacted passwords and volition readjust any that aren't manually changed. Google apologized for the issue and promised it "bequeath do better" in the early.
While this particular issue doesn't affect Gmail users (remote of G Suite subscribers), it drives home the deman to use strong, unusual passwords for every critical site and service you use. If you aren't using a watchword manager eventually, you should atomic number 4. Our roundup of the best password managers can get you on the right dog if you take help selecting one.
Promissory note: When you purchase something after clicking links in our articles, we may earn a bitty commission. Read our assort link policy for more details.
Michael Simon has been covering Apple since the iPod was the iWalk. His obsession with technology goes back to his first PC—the IBM Thinkpad with the lift-up keyboard for swapping verboten the drive. He's still waiting for that to return in style tbh.
Source: https://www.pcworld.com/article/397482/google-exposes-g-suite-issue-that-stored-plain-text-passwords-on-its-servers-for-15-years.html
Posted by: sharpebeight1953.blogspot.com
0 Response to "Google exposes G Suite issue that stored plain-text passwords on its servers for 14 years - sharpebeight1953"
Post a Comment