Instagram: a bug broadcast certain passwords in plain text

Who I am
Miguel Moro Vallina
@miguelmorovallina
Author and references

A tool from Instagram was insecure and transmitted some passwords without encryption. A bug corrected today, but which does not reassure.



Instagram is one of the most popular social networks of the moment. Owned by Facebook, the app regularly improves with new features, sometimes inspired by Snapchat.

But the application also offers new features of its own, such as the downloading of content from its account by a user, a functionality deployed last April and allowing a user to create an archive of his content posted online. Unfortunately, this included a serious security flaw.

An annoying bug

Indeed, according to The Information, users who took advantage of this feature saw their password broadcast in plain text directly in the browser's URL. Worse still, the password in question was also copied to Facebook's servers, again without encryption.



Instagram

Download Instagram Free APK

This bug is all the more problematic for those who have used this feature on an open WiFi network or a public computer, which are not very secure. There is nothing to confirm, however, that accounts have been hacked because of this security flaw.

Fixed issue

An Instagram spokesperson confirmed to The Information that this issue has only impacted a "small number of people" and that all have received an email warning them of the potential danger, inviting them to change their password. past. In addition, the flaw has been fixed and the passwords stored in the clear in Facebook's database have been deleted.



How to secure your smartphone
9 rules to follow to secure your Android smartphone (and iPhone)


Remember that it is important to set different passwords on your different accounts to prevent such a flaw from allowing malicious souls to access very sensitive data. We also recommend using a password manager to create strong passwords and make them easier to use.

The 4 best free and paid password managers

There are excellent password managers that allow you to keep all of your passwords used on the Internet in one place so you don't have to remember them. Here is…


Audio Video Instagram: a bug broadcast certain passwords in plain text
add a comment of Instagram: a bug broadcast certain passwords in plain text
Comment sent successfully! We will review it in the next few hours.