Trump Staff Twitter Settings Reveal Security Vulnerabilities

AP17021829082580.jpg

White House press secretary Sean Spicer speaks in the press briefing room at the White House, Saturday, Jan. 21, 2017, in Washington. (AP Photo/Andrew Harnik)

President Trump, Vice President Pence, the First Lady, Chief Strategist Steve Bannon and Press Secretary Sean Spicer, as well as several of Trump’s cabinet members, have all exhibited vulnerabilities in their Twitter accounts thanks to their neglect of a basic security setting, according to a hacker speaking with CNN.

The hacker, who goes by the name WauchulaGhost, highlighted the problem — a privacy setting requiring users to provide a phone number or email address when resetting a password — as reported by thenextweb.com on Jan. 26.

Without associating this safeguard with a phone number, the “Forgot Password” feature can be used to reveal limited information associated with the account, such as partially redacted email addresses whose missing letters are not that difficult for hackers to deduce and use as access for more credentials.

The White House Communications Agency is said to be in charge on managing security protocols for government accounts, and supposedly uses custom protective measures that extend beyond two-factor authentication to complicate hacker efforts.

However, a Jan. 25-26 series of strange tweets from Sean Spicer’s @PressSec account are theorized to exhibit someone attempting to establish extra layers of security for the account possibly being unsure on how to govern even proper phone-associated procedures. A Washington Post report theorized Spicer was accidentally posting tweets via SMS, revealing temporary passwords.

Following the hacker’s warning being made public, it has been reported that at least Vice President Mike Pence and the First Lady have had their settings updated. However, @POTUS may still be insecure. Carelessness with these settings doesn’t guarantee a breach, but can help facilitate an attack campaign.