Google Has Been ‘Accidentally’ Storing Passwords in Plaintext Since 2005

Share Article

Google is facing controversy after it recently admitted that it has ‘accidentally’ been storing user passwords in plaintext. These passwords were unprotected due to a bug and affected only a ‘small percentage of G Suite users.’

Sponsored



Sponsored

G Suite users may want to think about alternative cloud computing options. Apparently, Google has been storing passwords in plaintext due to a bug. The bug allegedly did not impact individual consumer accounts but did put business and corporate accounts in jeopardy.

Sponsored



Sponsored

Bad Google

Google typically stores its passwords in a cryptographically-scrambled hash. However, due to the bug, G Suite’s password recovery feature for administrators somehow allowed the passwords to be stored in the admin’s control panel. As of recently, Google has disabled the feature causing the security risk.

However, for a long time, the passwords were accessible to both authorized Google personnel and malicious hackers.

The plaintext bug is nothing new. In fact, Twitter and Facebook have both dealt with similar issues in the past year or so. However, Google is taking this a step further by auto-resetting passwords out of caution. So, kudos for taking that extra measure.

The trouble is, this bug has existed since at least 2005. Although the company claims the passwords were never compromised, 14 years is a long time for this to go under the radar.

If you’re a G Suite user, you should really add two-factor authentication and pray that your password was never compromised.

Centralized Entities and Password Storage

If you’re the least bit suspicious of Big Tech holding your data, then you should also be just as concerned about them holding your sensitive login information. We always hear about these fixes after the fact, but who knows how many more of these bugs and security breaches we can expect in the coming years? They seem to be becoming more and more common.

Trusting your personal information, either private contact information, sensitive information, passwords, or otherwise, with centralized entities is always a risk. That’s partly why a decentralized world is so necessary. If Google was an entity which operated on a distributed ledger system (i.e. blockchain), such security risks would be impossible.

However, given that we’re so far away from scaling blockchain to operate on a complex level like Google’s, it’s just an idea worth considering. The point is, we need and deserve alternatives.

Do you agree that decentralization is the path forward when it comes to Big Tech? Let us know your thoughts in the comments below.

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Sponsored
Share Article

Related topics

Raised in the U.S, Lucian graduated with a BA in economic history. An accomplished freelance journalist, he specializes in writing about the cryptocurrency space and the digital '4th industrial revolution' we find ourselves in.

Follow Author

AKTIO Coin Launchpad Pre-Sales with 12.5% Bonus

Discover

Limited offer! Learn to mine and trade crypto today for free

Go