wordpress blog stats
Connect with us

Hi, what are you looking for?

Google stored some G Suite passwords in plain text for 14 years

Google recently discovered a bug which led to the passwords of some G Suite users being stored in plain text on its servers, the company said in a blogpost today. The bug had been around since 2005. Though Google said there was no evidence anyone’s password was improperly accessed or misused, “14 years is a long time for sensitive data to hang around unnoticed”, as Wired put it. Google said the issue was restricted to users of its G Suite apps for businesses and that no free Google accounts were affected. It clarified that the plain text passwords had been stored on its own encrypted servers and not the open Internet, and said it was working with enterprise administrators to ensure that their users reset their passwords.

Bug in password (re)setting feature for administrators: The issue came about because of a feature in G Suite that let administrators upload or manually set user passwords for users, to help them with on-boarding employees and for account recovery. Google said it made an error when implementing this feature back in 2005, which caused the admin console stored a copy of the plaintext password. “The functionality to recover passwords this way no longer exists,” Google said.

How has Google responded? The company said it recently notified G Suite administrators and asked them to change the impacted passwords. “Out of an abundance of caution, we will reset accounts that have not done so themselves,” Google said.

Password blunders: Facebook, Instagram and Twitter

A report in March revealed that the passwords of hundreds of millions of Facebook users and tens of thousands of Instagram users were stored in plain text and searchable by thousands of Facebook employees for years. Facebook said in response that it was probing a series of security failures that allowed employees to build applications that logged unencrypted passwords and stored them in plain text on internal company servers. In April, the company clarified that millions, and not “tens of thousands” of Instagram passwords had been stored this way, per The Verge.

Last May, Twitter told its more than 330 million users to change their passwords after it discovered a glitch that caused some passwords to be stored in plain text on its internal systems. Twitter said the bug caused an issue in the hashing process that masks passwords, and led to passwords being saved in plain text to an internal log.

Advertisement. Scroll to continue reading.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.


Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.


This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.


It is widely argued that the PDP Bill report seeks to discard the intermediary status of social media platforms but that may not be...


Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ