Twitter paswoorden 'gelekt'

Elite Poster
Elite Poster
Berichten: 1794
Lid geworden op: 17 Mei 2006
Twitter: jdeluyck
Locatie: Gent
Bedankt: 59 keer
Recent bedankt: 2 keer
Uitgedeelde bedankjes: 140 keer

Twitter paswoorden 'gelekt'

Berichtdoor devilkin » 04 Mei 2018, 08:31

Twitter is urging all of its 330 million users to change their passwords after a software glitch unintentionally exposed its users' passwords by storing them in readable text on its internal computer system.

The social media network disclosed the issue in an official blog post and a series of tweets from Twitter Support.
According to Twitter CTO Parag Agrawal, Twitter hashes passwords using a popular function known as bcrypt, which replaces an actual password with a random set of numbers and letters and then stored it in its systems.

This allows the company to validate users' credentials without revealing their actual passwords, while also masking them in a way that not even Twitter employees can see them.

However, a software bug resulted in passwords being written to an internal log before completing the hashing process—meaning that the passwords were left exposed on the company's internal system.
Parag said Twitter had found and resolved the problem itself, and an internal investigation had found no indication of breach or passwords being stolen or misused by insiders.
"We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again," Parag said.
"We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day."
Still, the company urged all of its 363 Million users to consider changing their passwords to be on a safer side.
Telenet Whoppa -- using Ubiquiti USG-3
Mobile Vikings & Proximus-- Using OnePlus 6 (ROM: Stock)

Elite Poster
Elite Poster
Berichten: 3795
Lid geworden op: 01 Feb 2006
Bedankt: 254 keer
Recent bedankt: 7 keer
Uitgedeelde bedankjes: 454 keer

Re: Twitter paswoorden 'gelekt'

Berichtdoor Tomby » 04 Mei 2018, 09:51

Is nu al het tweede dergelijk lek op korte tijd. Ook bij Github was er een issue dat paswoord in the clear in log files terecht kwamen : ... ld-op.html

Terug naar “Ander nieuws”

Wie is er online

Gebruikers op dit forum: axs, Didymus, MaT, meon, wied en 2 gasten