A couple of days ago, we reported that T-Mobile Austria allows its service agents to partially view customer passwords and stores credentials in plain text in the database as well. Apparently, the reason for not storing passwords securely was that the firm's security is "amazingly good". Given the security threat this situation poses, there was naturally a public outcry regarding the matter.
However, T-Mobile Austria customers will be somewhat relieved to know that the company is backtracking on its decision and will now be taking steps to secure customer passwords in a safer way.
In its most recent tweet, T-Mobile Austria has announced that passwords will now be hashed and salted, and will not be visible to customer service agents:
As we previously said we will implement further steps to secure passwords. Passwords will be salted and hashed, service agents will not be ablt to see any parts of passwords. We will implement this as quickly as possible.
— T-Mobile Austria (@tmobileat) April 9, 2018
Earlier, the company had also apologized for the brazen comments that it made regarding its "amazingly good" security, claiming them to be made in the heat of the moment.
It is important to note that T-Mobile CEO John Legere has already confirmed that the firm's US division does not allow service agents to view passwords and that credentials are stored securely in its database. T-Mobile Austria customers will be able to rest easy too once the company implements techniques to secure their credentials safely.
9 Comments - Add comment