News

5.22.2019 Google Plaintext Passwords

May 22, 2019/in News /by Bace16

News came out yesterday, May 21, that Google had stored passwords in plaintext.

DC919 received an email notification that 2 users had a password stored in plaintext. “Google Planned Action: for your security, starting tomorrow Wednesday May 22, 2019 PT we will force a password change unless it has already been changed prior to that time.”

Admin checked the 2 users, they had only basic email access and Last Sign In: “Hasn’t signed in” The passwords stored were Google’s own auto-generated passwords. Previous to today, admin had the option to view the auto-generated password for a user after reset. Today, this is no longer an option. DC919 always forced the user to change their password on first login. The 2 users have been suspended and the group members the accounts belonged to have been contacted.

Follow us on Twitter!

DC919Follow

Retweet on Twitter DC919 Retweeted

Rebecca Deck @ranger_cha·

24h

Hey RTP #AppSec people, I'm doing some talks on embarassingly bad tests I've done and a technical talk on insecure deserialization at @OWASPTriangle this Thursday! We're not at the normal location, so don't show up at the wrong place

Reply on Twitter 1142947074067042305 Retweet on Twitter 11429470740670423056 Like on Twitter 114294707406704230513 Twitter 1142947074067042305

DEF CONFollow

Retweet on Twitter DEF CON Retweeted

Defcon Aviation Village @AviationVillage·

Contest info and terms have been updated. See if you're up for the challenge. We want to see how you "hack"/"pimp" your airplane. @defcon #aviationvillage #defcon https://t.co/8zTK6ruIvq

Reply on Twitter 1143254335842689024 Retweet on Twitter 11432543358426890243 Like on Twitter 11432543358426890243 Twitter 1143254335842689024

DEF CON GroupsFollow

Retweet on Twitter DEF CON Groups Retweeted

DC44141 @DC44141·

23 Jun

We're on in July for 2nd July , anyone fancy doing a talk ping @ZephrFish #DC44141

Reply on Twitter 1142806857955913729 Retweet on Twitter 11428068579559137294 Like on Twitter 11428068579559137293 Twitter 1142806857955913729

EFFFollow

EFF@EFF·

37m

“Using unsubstantiated information from foreign governments as the basis to separate families, including information from gang databases, should not be a pretext to interfere with parental rights of immigrants,” said Lisa Koop from the @NIJC. https://t.co/5g8yCTEJnF

Reply on Twitter 1143293005421375489 Retweet on Twitter 11432930054213754895 Like on Twitter 11432930054213754894 Twitter 1143293005421375489