This is fairly mind blowing.
Source: https://techcrunch.com/2020/10/22/dutch-hacker-trump-twitter-account-password/
The account was not protected by two-factor authentication, granting Gevers access to the president’s account.
It's also pretty remarkable that the account hadn't already been discovered (that we know of).
Wouldn't this be an account subject to constant attack like this? Lots to unpack here.
Top comments (15)
My password is o7j7k3w5. I post it on Twitter and forums, so that I can just look for this comment when I forget.
Please do not transfer my money or use my calling account, honor system, thanks.
The article said he changed shortly afterwards, password is probably maga2021 now. Is mind blowing that POTUS doesn't have two factor authentication. Just dumb. And these people "run" the country. 🤣
In the grand scheme of things, to me, that he doesn’t use 2fa is one of the least mind blowing things about this President.
And blindly believing the claims that he got hacked (or that this or the previous mentioned password in the article were ever his password) isn't "Just dumb"?
I mean without getting into a political debate, he's done quite a few dumb things in the last 4 years. I wouldn't be surprised if he got hacked at all.
I wouldn't be surprised, but I'd expect massive evidence.
I was once (legitimately) told the password to major media brand's social account, and the password was "name of brand" + "two character number".... It was the least secure thing I could imagine, and it was passed around in emails.
But this is still another level.
Wild that this indicates his team is not using a password manager.
So what you're saying is we should all go and try brand names + 2 numbers for every popular brand we can think of?
I told everyone the biggest takeaway of 2016 was that we're screwed InfoSec-wise whether the Republicrats or Demopublicans win (everyone remembers Hillary's homebrew mail server, but Trump's campaign mail server running Win2k3 - again, in 2016 - got comparatively little attention).
This is hilarious
Doesn't Twitter enforce some security measures for important accounts (e.g. POTUS, politicians, etc.)?
Well, it does. From the article:
Didn't his account get deleted by an annoyed Twitter employee once?
It was deactivated for around 11 minutes but not deleted.