They say that if you don’t pay for it, you are the product, and that’s true in most cases – especially in Google and Facebook’s. This case, however, proves once again that security is not their number-one priority. Given how much data they have and the countless ways this data could be used and abused against individuals, businesses and societies, one must hope that Google makes security a priority. They also make it pretty difficult for you to delete the data they gathered about you while also trying to convince that it’s safe to use Google services. Google has been caught many times before violating your privacy: secretly scanning your emails, allowing third parties to read them, tracking your location even when you told them not to, using face recognition and scanning your photos – the list goes on. Google claims to be privacy-friendly and even goes to the lengths of criticizing their competitors by saying that ‘online privacy shouldn’t be a luxury.’ Google’s business model is based on providing free service in exchange for your data (You can see exactly how much data it collects by going to your settings. This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.” Why is this a problem? To be clear, these passwords remained in our secure encrypted infrastructure. The company stated: “This practice did not live up to our standards. Google noticed this bug in May of 2019, 14 years later, and has now patched it. We hope nobody chose “MyBossSucks123” as their password! Not only could administrators see them, Google employees could see them too.
However, the system stored these passwords in plain text.
Google did this to help administrators with the on-boarding process for new employees. G Suite account administrators were permitted to change and recover their users’ passwords. However, if you enter the correct password, it will match the scrambled version, allowing you to access your account. The company then cannot see your actual password or unscramble it, even if you forget it. Usually, passwords are hashed (encrypted), which means that they are scrambled and saved on Google’s servers as random characters. On May 22nd, 2019, Google notified G Suite users that they had made an error implementing password storage back in 2005.
0 kommentar(er)
