Google logged part of G Suite user passwords in plain text

Google reports that the passwords of some of its G Suite users are stored in plain text in its internal systems. According to the company, this is an error that can be traced back to 2005. There is no evidence that the situation has been abused.

Google says it’s a 2005 error when the admin console saved a copy of the unsecured password. “This practice does not meet our standards,” the company says. The passwords would have remained in a secure infrastructure with encryption, but without the application of hashing. “This issue has been resolved and we see no evidence of unusual access to or abuse of the affected passwords,” says Google. This concerns a small part of G Suite accounts; consumers are not affected. Google reports that it works with administrators to ensure that their users reset their passwords.

The company says it also discovered that in January 2019 some of the unprotected passwords were accidentally stored in a secure environment, where they would have been stored for up to fourteen days. This problem is also solved according to Google and in this case there would be no evidence of abuse. The internet giant says to regard this as an isolated incident.

This incident is related to the fact that domain managers were previously given tools to set and retrieve passwords. Google introduced this because it claimed to be a much-needed feature. The tool, which was located in the admin console , gave administrators the option of uploading passwords or setting them manually for the users of their company. The goal was to help them give their new account information to new users on the first few days. This functionality for recovering passwords no longer exists in this form.

About David Orth 47 Articles
David is an editor who loves Tech. When he comes across the latest smartphones, gadgets, films and series, his body temperature rises considerably. Whenever he is allowed to express this in front of a camera or behind a microphone, brace yourselves. David breathes tech!

Be the first to comment

Leave a Reply

Your email address will not be published.