Here’s a difficult day for Google. It disclosed that there were passwords stored in plain text for nearly fourteen years. Google says that the flaw was caused by a bug that has been around since 2005 and “some” G Suite users were affected as their passwords were left unencrypted. So far, Google hasn’t found any substantial evidence of improper password use of these users.
When it comes to password security, Google has a policy of storing them in cryptographic hashes that cover up the password’s plain text. However, it’s now been discovered that it was left in plain text for fourteen years. G Suite administrators were notified about the issue and affected users were asked to reset their passwords.
“This is a G Suite issue that affects business users only–no free consumer Google accounts were affected–and we are working with enterprise administrators to ensure that their users reset their passwords,” Google said in its blog post notifying the G Suite administrators. “We have been conducting a thorough investigation and have seen no evidence of improper access to or misuse of the affected G Suite credentials.”
As an extra sign of security, Google also said it’ll reset the passwords of those G Suite users who haven’t changed their passwords yet. Google also said: “In addition, we provide G Suite administrators with numerous 2-step verification (2SV) options, including Security Keys, which Google relies upon for its own employee accounts.”
Google fined $177 million by South Korea for blocking Android customization
South Korea bill to restrict Apple and Google from charging app store commissions
Google and facebook plans new undersea data cable
Israeli Government Signs $1 billion Cloud Services Deal with AWS, Google
More Privacy Choices for Indian Google Pay Users Soon
© 2021 CIO Bulletin. All rights reserved.