
Feds tell Web firms to turn over user account passwords
• by Declan McCullagh (c/Net)
The U.S. government has demanded that major Internet companies divulge users' stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.
If the government is able to determine a person's password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.
1 Comment in Response to Feds tell Web firms to turn over user account passwords
Well, it's about time that companies use a downloadable client (program, app) something like Bitcoin or PGP where the user does all the password stuff on his/her computer at home. The passwords would never be stored by the company. The company (or bank) would never have to supply back-up passwords. The whole thing would be inside the encryption on the User's computer.
There could be secondary companies, like online Bitcoin wallet companies, that handled certain aspects of the encrypting and decrypting. But they would never hold enough info that they could view or use the password. In the Bitcoin world, the Blockchain company at https://blockchain.info/ is a company that does this regarding the wallets they host online. If they carried their idea a step further, they would never even maintain the login Username and Password in their files. It would all be on the user's computer.