Plaintext Password Problem for Some GitHub Users

May 02, 2018 / Kacy Zurkus

Protecting passwords is a critical yet challenging part of cybersecurity. Yesterday, it became an issue for code repository site GitHub, which had to announce to a small number of its users that a flaw in its system had revealed passwords in plaintext in internal logs.

Users received an email message, which many recipients have posted on Twitter, alerting them to the issue and advising them to reset their passwords. "During the course of regular auditing, GitHub discovered that a recently introduced bug exposed a small number of users' passwords to our internal logging system, including yours," the email said.

Though the number of passwords exposed has been characterized as small or select, the exact number of passwords that were visible through internal logs remains unknown. In addition, the logs were reportedly only visible to GitHub employees. "They were not accessible to the majority of GitHub staff and we have determined that it is very unlikely that any GitHub ...