GitHub Accidentally Exposes Some Plaintext Passwords In Its Internal Logs
GitHub Accidentally Exposes Some Plaintext Passwords In Its Internal Logs
Published on May 02, 2018 at 10:00AM
GitHub has sent an email to some of its 27 million users alerting them of a bug that exposed some user passwords in plaintext. "During the course of regular auditing, GitHub discovered that a recently introduced bug exposed a small number of users' passwords to our internal logging system," said the email. "We have corrected this, but you'll need to reset your password to regain access to your account." ZDNet reports: The email said that a handful of GitHub staff could have seen those passwords -- and that it's "unlikely" that any GitHub staff accessed the site's internal logs. It's unclear exactly how this bug occurred. GitHub's explanation was that it stores user passwords with bcrypt, a stronger password hashing algorithm, but that the bug "resulted in our secure internal logs recording plaintext user passwords when users initiated a password reset." "Rest assured, these passwords were not accessible to the public or other GitHub users at any time," the email said. GitHub said it "has not been hacked or compromised in any way."
Hope you like this please comment your view and share to your friends thanks for visiting bye guys meet you in next post
Published on May 02, 2018 at 10:00AM
GitHub has sent an email to some of its 27 million users alerting them of a bug that exposed some user passwords in plaintext. "During the course of regular auditing, GitHub discovered that a recently introduced bug exposed a small number of users' passwords to our internal logging system," said the email. "We have corrected this, but you'll need to reset your password to regain access to your account." ZDNet reports: The email said that a handful of GitHub staff could have seen those passwords -- and that it's "unlikely" that any GitHub staff accessed the site's internal logs. It's unclear exactly how this bug occurred. GitHub's explanation was that it stores user passwords with bcrypt, a stronger password hashing algorithm, but that the bug "resulted in our secure internal logs recording plaintext user passwords when users initiated a password reset." "Rest assured, these passwords were not accessible to the public or other GitHub users at any time," the email said. GitHub said it "has not been hacked or compromised in any way."
Read more of this story at Slashdot.
Hope you like this please comment your view and share to your friends thanks for visiting bye guys meet you in next post
GitHub Accidentally Exposes Some Plaintext Passwords In Its Internal Logs
![GitHub Accidentally Exposes Some Plaintext Passwords In Its Internal Logs]()
Reviewed by Kartik
on
May 02, 2018
Rating:
No comments: