January 25, 2021
Hot Topics:

GitHub Attacks Prompt Password Reset

  • By Developer.com Staff

The popular code repository site GitHub is reporting a sudden surge in attempted account hijackings. In response, the website has reset compromised passwords and banned the use of common weak passwords.

"While we aggressively rate-limit login attempts and passwords are stored properly, this incident has involved the use of nearly 40K unique IP addresses," GitHub explained in an advisory. "These addresses were used to slowly brute force weak passwords or passwords used on multiple sites. We are working on additional rate-limiting measures to address this. In addition, you will no longer be able to login to GitHub.com with commonly used weak passwords."

Users with weak passwords or accounts that were targeted by hackers will need to select new passwords the next time they log in. GitHub also recommends that all users enable two-factor authentication.

View article

This article was originally published on November 20, 2013

Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Thanks for your registration, follow us on our social networks to keep up-to-date