Bad GoogleGoogle typically stores its passwords in a cryptographically-scrambled hash. However, due to the bug, G Suite’s password recovery feature for administrators somehow allowed the passwords to be stored in the admin’s control panel. As of recently, Google has disabled the feature causing the security risk. However, for a long time, the passwords were accessible to both authorized Google personnel and malicious hackers. The plaintext bug is nothing new. In fact, Twitter and Facebook have both dealt with similar issues in the past year or so. However, Google is taking this a step further by auto-resetting passwords out of caution. So, kudos for taking that extra measure. The trouble is, this bug has existed since at least 2005. Although the company claims the passwords were never compromised, 14 years is a long time for this to go under the radar. If you’re a G Suite user, you should really add two-factor authentication and pray that your password was never compromised.
Centralized Entities and Password StorageIf you’re the least bit suspicious of Big Tech holding your data, then you should also be just as concerned about them holding your sensitive login information. We always hear about these fixes after the fact, but who knows how many more of these bugs and security breaches we can expect in the coming years? They seem to be becoming more and more common. Trusting your personal information, either private contact information, sensitive information, passwords, or otherwise, with centralized entities is always a risk. That’s partly why a decentralized world is so necessary. If Google was an entity which operated on a distributed ledger system (i.e. blockchain), such security risks would be impossible. However, given that we’re so far away from scaling blockchain to operate on a complex level like Google’s, it’s just an idea worth considering. The point is, we need and deserve alternatives. Do you agree that decentralization is the path forward when it comes to Big Tech? Let us know your thoughts in the comments below.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.