Gmail is the most popular and secure email service in the world, but the new warning about “authentication code” has caused great concern among users.
Security analyst Yusuf Samuta, in a post on a technology blog, revealed that flaws in Gmail’s “authentication code” had led to the exploitation of security holes in the Facebook social networking site and the hacking of accounts.
Samuta explained that it was able to use Google OAuth redirects to link with Facebook’s security systems to hack accounts.
Google OAuth is one of the systems that allows Amazon, Facebook, Microsoft, Twitter and other users to link their accounts to external sites.
Samuta noted that “this vulnerability could have been used on a large scale” and insisted that he had received a “reward” of about $ 45,000 from Facebook in exchange for a security flaw he discovered.
Commenting on the discovery, the “Malwarebytes Labs” website, which specializes in information security, warns anyone using accounts linked to some of them.
“Linked accounts were invented to facilitate login,” he said. “But we do not recommend it, because if someone gets a password, they can control all the other accounts.”
And if this warning makes you uncomfortable, you can unlink accounts including Google OAuth.
On Facebook, for example, you can go to “Settings and Privacy”, then “Settings”, then “Account Center” and “Accounts and Profiles”, and then you can select “Delete Link”.
You can do this on other sites like Twitter, Amazon and Microsoft.
“Award-winning beer geek. Extreme coffeeaholic. Introvert. Avid travel specialist. Hipster-friendly communicator.”
