Some of Our Sources
- Techcrunch
- TutsPlus - Code
- Spoon Graphics
- You The Designer
- Inspiredology
- FanExtra - PSD
- Stylized Web
- Freelance Switch
- Web Resource Source
- Android Headlines
Help Webnuz
Referal links:
May 2, 2018 10:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ZCHBUTkdMVc/github-accidentally-exposes-some-plaintext-passwords-in-its-internal-logs
GitHub Accidentally Exposes Some Plaintext Passwords In Its Internal Logs
GitHub has sent an email to some of its 27 million users alerting them of a bug that exposed some user passwords in plaintext. "During the course of regular auditing, GitHub discovered that a recently introduced bug exposed a small number of users' passwords to our internal logging system," said the email. "We have corrected this, but you'll need to reset your password to regain access to your account." ZDNet reports: The email said that a handful of GitHub staff could have seen those passwords -- and that it's "unlikely" that any GitHub staff accessed the site's internal logs. It's unclear exactly how this bug occurred. GitHub's explanation was that it stores user passwords with bcrypt, a stronger password hashing algorithm, but that the bug "resulted in our secure internal logs recording plaintext user passwords when users initiated a password reset." "Rest assured, these passwords were not accessible to the public or other GitHub users at any time," the email said. GitHub said it "has not been hacked or compromised in any way."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ZCHBUTkdMVc/github-accidentally-exposes-some-plaintext-passwords-in-its-internal-logs
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot