The Dutch periodical Vrij Nederland reported that the famous security specialist and head of the GDI Foundation, Victor Gevers, managed to find the password for the Twitter account of US President Donald Trump – it was the abbreviation “maga2020!”, Formed from the slogan “Make America great again”.TechCrunch reporters asked Gevers for details of what happened, and he said that he picked up the password on just the fifth attempt, and the account was not protected by two-factor authentication, that is, the researcher really got access to the president’s account.
As proof of his words, the expert showed the journalists a screenshot, which can be seen below.
When the password guessing was unexpectedly successful, the researcher did not or wrote messages on behalf of the president, instead, he immediately reported the problem through all possible channels: he turned to US-CERT, the Agency for Cybersecurity and Infrastructure Protection, organized under the Department of Homeland Security USA (DHS CISA), FBI, Twitter support, even tried to find contacts in the White House and so on.
Interestingly, Gevers has been trying to guess the password from Donald Trump’s Twitter account for the second time. The first time when an expert and his friends guessed a password was in 2016. Then the researchers relied on the data leaked from Linkedin in 2012, and were surprised to find that the password for Twitter is exactly the same as for Linkedin.
“The researchers took his password — “yourefired” — his catchphrase from the television show “The Apprentice” — and found it let them into his Twitter account. Gevers reported the breach to local authorities in the Netherlands, with suggestions on how Trump could improve his password security. One of the passwords he suggested at the time was “maga2020!” he said. Gevers said he “did not expect” the password to work years later”, — report TechCrunch journalists.
However, soon the password for the account was changed, and was implemented two-factor authentication.
TechCrunch journalists were never able to get official comments from representatives of the White House and Trump’s campaign headquarters, only White House Deputy Press Secretary Judd Deere said that this story is “absolutely untrue.”
In turn, representatives of Twitter said that they have no evidence to support Gevers’ statements or the material published by the Dutch edition. The company also emphasized that it is actively implementing various security mechanisms for the accounts of a certain group of well-known election-related Twitter accounts.
Last month, Twitter did promise that it would strengthen the security of the accounts of political candidates and government agencies, including encouraging the use of two-factor authentication (but, unfortunately, not obliging it to do so).
The year 2020 turned out to be not easy for Twitter, let me remind you that there was a biggest attack in the history of Twitter: hacked accounts of stars, companies and cryptocurrency exchanges. Hackers used phone phishing and hacked many accounts in just 24 hours.
User Review( votes)