Twitter paswoorden 'gelekt'

Gebruikersavatar
devilkin
Elite Poster
Elite Poster
Berichten: 1717
Lid geworden op: 17 Mei 2006
Twitter: jdeluyck
Locatie: Gent
Bedankt: 55 keer
Uitgedeelde bedankjes: 113 keer
Contact:

Twitter paswoorden 'gelekt'

Berichtdoor devilkin » 04 Mei 2018, 08:31

Twitter is urging all of its 330 million users to change their passwords after a software glitch unintentionally exposed its users' passwords by storing them in readable text on its internal computer system.

The social media network disclosed the issue in an official blog post and a series of tweets from Twitter Support.
According to Twitter CTO Parag Agrawal, Twitter hashes passwords using a popular function known as bcrypt, which replaces an actual password with a random set of numbers and letters and then stored it in its systems.

This allows the company to validate users' credentials without revealing their actual passwords, while also masking them in a way that not even Twitter employees can see them.

However, a software bug resulted in passwords being written to an internal log before completing the hashing process—meaning that the passwords were left exposed on the company's internal system.
Parag said Twitter had found and resolved the problem itself, and an internal investigation had found no indication of breach or passwords being stolen or misused by insiders.
"We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again," Parag said.
"We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day."
Still, the company urged all of its 363 Million users to consider changing their passwords to be on a safer side.

https://thehackernews.com/2018/05/twitter-account-password.html
Telenet Whoppa -- using Ubiquiti USG-3
Mobile Vikings & Proximus-- Using OnePlus 6 (ROM: Stock)

Tomby
Elite Poster
Elite Poster
Berichten: 3713
Lid geworden op: 01 Feb 2006
Bedankt: 245 keer
Recent bedankt: 3 keer
Uitgedeelde bedankjes: 422 keer

Re: Twitter paswoorden 'gelekt'

Berichtdoor Tomby » 04 Mei 2018, 09:51

Is nu al het tweede dergelijk lek op korte tijd. Ook bij Github was er een issue dat paswoord in the clear in log files terecht kwamen : https://tweakers.net/nieuws/138225/twit ... ld-op.html
Afbeelding


Terug naar “Ander nieuws”

Wie is er online

Gebruikers op dit forum: on4bam en 1 gast