from the p@ssw0rd! dept
This sort of thing will never stop amazing me. For any American President, one would assume they would have all kinds of advisers on all matters regarding security and best practices when it comes to the systems and technology they use. I’m old enough to remember when everyone freaked out over Barack Obama using a Blackberry, but at the time I hand-waived any such concerns under the assumption that there were checks in place to make such technology secure.
So how in the world did Donald Trump, often called America’s first Twitter President, manage to have his Twitter account accessed using a laughably predictable password and 2-factor authentication?
Dutch prosecutors have found a hacker did successfully log in to Donald Trump’s Twitter account by guessing his password – “MAGA2020!” But they will not be punishing Victor Gevers, who was acting “ethically”.
Mr Gevers shared what he said were screenshots of the inside of Mr Trump’s account on 22 October, during the final stages of the US presidential election. But at the time, the White House denied it had been hacked and Twitter said it had no evidence of it.
For what it’s worth, both the White House and Twitter are both still claiming that they don’t see any evidence that Gevers did in fact access Trump’s Twitter account. That being said, Gevers is said to have provided evidence for what he’d done to Dutch police and the prosecutors there seem utterly convinced that Gevers did precisely what he said he had.
Dutch police said: “The hacker released the login himself.
“He later stated to police that he had investigated the strength of the password because there were major interests involved if this Twitter account could be taken over so shortly before the presidential election.”
They had sent the US authorities their findings, they added.
For any other president, this sort of unauthorized access would be frustrating and somewhat concerning. For this president, however, who routinely announces hirings and firings of government employees via Twitter, and occasionally even announces American policy that way, it’s horrifying. Someone who was actually nefarious could have created all kinds of chaos at the very least, or precipitated real life wars at worst, just by tweeting out from Trump’s account. Imagine a world where a bad actor accesses Trump’s account and tweets “America has declared war on North Korea. The battle begins in hours.” It’s not inconceivable that Seoul would be lost under North Korean artillery… or worse.
It’s also worth noting that Gevers claims this isn’t the first time he got access to Trump’s account.
Earlier this year, Mr Gevers also claimed he and other security researchers had logged in to Mr Trump’s Twitter account in 2016 using a password – “yourefired” – linked to another of his social-network accounts in a previous data breach.
The best people are apparently not advising the president on how to keep his vaunted Twitter account secure.