The new American president’s Twitter account isn’t a means of communication as much as it is a tool for confusion, propaganda, and unceasing assault. But Donald Trump has shown his tweets can move the stock market, provoke foreign powers, and dominate news cycles, so the account’s potential to shake the world is unprecedented. And all that’s stopping an outsider from seizing control of @POTUS could be someone’s personal Gmail password.
Image: Screenshot from Twitter
If you forget your Twitter password, the company allows you to easily reset the code through a link sent to an email address you designate in your account settings. This same process makes it elementary to hijack that Twitter account if you have access to the email account in question: Just request a password reset, wait for the link to arrive, and lock your victim out of their own Twitter account. If two-factor authentication is enabled, it would impede but not necessarily stop a motivated or sophisticated attacker.
Trump’s account is an obviously juicy target for such an attack, representing what BuzzFeed’s Joe Bernstein described as “a national security disaster waiting to happen.” An unauthorized declaration of, say, imminent hostilities or economic sanctions coming from the president’s official account could destabilize the entire world.
According to hacker and Twitter user @WauchulaGhost, Trump’s account is set to email password reset requests to a personal Gmail account (it appears to be that of Dan Scavino, his social media chief), and it reveals the first two letters of the account (enough to surmise it’s probably Scavino’s). This signals to hackers that all they need to do to illicitly broadcast to the president’s 14 million online followers is get into said Gmail account, which may or may not be secured with some form of two-factor authentication. Even with such an extra layer of authentication, knowing the private email address of a senior White House employee would make them a target for spearphishing attacks like those that befell the DNC and John Podesta last summer.
Hey @POTUS, On a serious note. Lets fix your Security settings. Should I email you? #GhostOfNoNation @realDonaldTrump pic.twitter.com/FRdMJnZaNr
— WauchulaGhost (@WauchulaGhost) January 21, 2017
According to a CNN report, WauchulaGhost “says he found the likely email associated with Melania Trump’s handle within twenty minutes, and “the email associated with Vice President Mike Pence was easy to guess once you saw the redacted version: vi***************@gmail.com, which WauchulaGhost pieced together as vicepresident2017@gmail.com.”
It appears that in the days since WauchulaGhost first tweeted about the vulnerability, the option to reset the @POTUS password via text message or what appears to be an @DonaldJTrump.com address have been removed. Bizarrely, the Gmail option remains active as of today for both Trump and Press Secretary Sean Spicer:
Not only is the @PressSec tweeting passwords, he also tied the Press Secretary Twitter to a gmail account. pic.twitter.com/MoqErnojbq
— Nash (@Nash076) January 26, 2017
The irony given Trump’s campaign assaults on Hillary Clinton’s use of a private email service is of course obvious.
Update: Jan. 26, 2017
An earlier version of this story did not address the possibility that two-factor authentication could impede unauthorized access to Trump’s Twitter account.
Update 2: Jan. 26, 2017
As of 1:02 PM today, the email required to reset Trump’s Twitter account was changed to what appears to be a White House address.
Hi , Donald Trump I’m kind of please to have you as President. Please don’t miss up Yes we really do need to get these forums out. They are tipping into our accounts, buying up building ,going into our house stilling, you know how your social security card tell you to leave it at home ? Will I did how I live in like 14 deffent States. They will firer you in a heart beat. The old former Dr.will say you need a heart transplant . Hound you to stop eating KF Chicken .On top of all that cut the little Grant we get and rirse the rent ! Very hateful people . Help us Donald ! We as America people are tried of them, my God they sink , they CV really know how to bring a dark cloud . Talking about they Hate Us .
and.. The Intercept hardly touched on the extent of Hillary’s email revelations. Anything to do with Pierre Omidyar being an enormous Hillary supporter? Thankfully, others are digging deep and sharing well informed journalism with the rest of us.
You Snowflakes never give up! Can’t you see that lying gets you know where, that’s why your leader and terrorist supporters (hillerlie and the obamanations) are no longer in power? Lie, lie, lie that’s all you do, and it is not going to convince anyone of anything except those of you crying little brats that want to believe it.
Thank you for this first week. It’s the first time in 8 years I’ve listened to the President with a smile on my face and hope in my heart. Can hardly wait for Week 2.
This article is very prescient. I logged on to Twitter, searched for ‘Trump’ and found the following Tweet, indicating that some idiot has taken over his account.
A trade deficit with Mexico means they send billions of dollars of goods and services to the US – for nothing in return! That is a tremendously good deal for the US and whoever has taken over Mr. Trump’s account is a fool for condemning it.
For nothing ! Are you a Marxist, Benito ?
of course there is no difference between tens of thousands of emails between government officials on sensitive topics
and pr blurbs from the chief executive to the public
no difference at all
Is it still in Hillary’s bathroom or have they moved it closer to Trump?
Translation : Triggered.
Does he tweet classified info like was on Hillary’s private restroom server hacked by 5 governments and a huge breach of laws?
Hillary should be in prison over the breaches, but you worry about tweets.
Intercept is descending into biased, leftist, fake-news over Trump, following WaPo and CNN, not leading the way back to real journalism.
Its definitely “fake news” if it makes your guy looks bad. Ok, got it.
Smarten up. There is no fake news here you moron, just because you can’t accept the stupidity doesn’t make you right.
I think TZ is in need of attention and approval. because admitting what a morally sorry ass bitch she really is, is much harder than facing the real truth..
And if you always think people are jealous of you..is another fake makeup…in reality…we just laff at how much you really are proud to be a ho.
;)
I’m probably the only one here who thinks it’d be hilarious if his twitter account was hacked.
I think that’s completely incorrect.
ha ha ha Nice one, Sillyputty.
TRUMP USES TWITTER BECAUSE THE MEDIA IS VERY VERY VERY VERY DISHONEST AND HE NEEDS TO COMMUNICATE TO THE PEOPLE IN A DIRECT WAY. You liberal scumbags have no idea how awesome Trump is. You liberal turds constantly spew darkness and venom about him without any REAL BASIS OR FACTS backing up your claim. The propaganda that Sam Biddle speaks about comes from the FAKE NEWS LIBERAL media. The media puts disinformation out on a daily basis confusing and instigating you dumb losers to become violent. This is to get you to do your little pathetic left wing protests. George Soros controls much of the media.The Millennials are bare none the most pathetic generation that ever existed.You fools are a bunch of Hipster Dipster pseudo intellectual no nothing chumps that live in mommy’s basement that cry about the world and do nothing to change it. Liberals are censoring conservative posts and memes on facebook and other popular sites. The progressive world order is failing and you idiots need to wake up to that fact.
Amen to that!
Donny? that you?
THIS IMPLIES GMAIL IS INSECURE.
I re-ran the “forgot password” drill on Twitter for @POTUS ONCE just now, its changed to “Email a link to th***********@w**.***.***
Email a link to as************@w**.***.***”
This implies GMAIL IS INSECURE.
Thank you Sir Donald Trump for letting us know that.
Who still care about those social networks ;) get back you real live mate
sam…don’t bother writing a piece for the Intercept, just tweet it to your followers.
Put1n0n3over0nth3b^nkst3r$
The good news is that ‘Merica’s good friend, Yisroel has a copy of everything in his Gmail already, courtesy of the N$A. They’ve been keeping an eye on it the whole time.
And the better news is that all the middle class white females and the diversity mobsters who were so busy grovelling for privilege and entitlement to give a care as they rushed our country to the cliffs, sold themselves, and their children to the pied piper of ramblin’.
Elections-and blackmail hushbux aren’t cheap- but Soros sponsored bolsheviks march for free with pink fuzzy twats on their heads- a picture is worth a thousand silences.
Off with their heads!
http://www.newser.com/story/237472/state-department-hit-by-mass-exodus-of-senior-officials.html
Too funny. People are up in arms over a social media account when we had Hilary using a personal email server to handle classified communications which is against the law.
Modern two factor authentication stops such an attempt dead in its tracks if properly implemented. Would Trump even bother? Probably not.
The assumption underlying this piece seems to be that it would be easier to compromise a gmail.com email account than a whitehouse.gov email account. I’m not so sure.
WHY DONT YOU USE THE WORDS “PRIVATE EMAIL SERVER” IN THE HEADLINE? BECAUSE IT’S DIFFERENT WHEN A MAN DOES IT? FU
Because it’s not a private email server. Gmail us a private email SERVICE. Hillary had a private email SERVER. They are VERY VERY different beasts. Gmail has all the protection that gmail offers. Including 2-factor auth and encrypted passwords of google’s end. Google actually makes it quite difficult to hijack accounts.
An email server is a computer that actually allows access and, in the case of something like outlook, STORES emails. Unless one is encrypting that storage happens in plain text.
They are two very different things.
This is why we’re screwed. People don’t understand technology well enough to form properly educated opinions on subjects.
Instead, is partisan this, partisan that.
Frankly, gmail with 2fa or 2fa plus a hardware key is probably more secure than anything whitehouse[dot]gov.
You know why this is no big deal, why no one is screaming LOCK HIM UP?
Misogyny
Sexist double standards
F off all of you
It’s ACTUALLY different. Partisan absurdist arguments aren’t going to win the battle we have ahead of us.
There is a self loathing group of Americans who actually believe they are heroic by protesting authority, police and the military. This entitled group of brats have doubtfully faced racism abroad or had family members to be the victim of violent crimes. They sit in their privileged little lives now protesting, writing pathetic articles critiquing the POTUS and railing against the very systems that made America a superpower. Like children who don’t get what they want, the tantrums are insufferable. GROW UP.
You’re so so ignorant. Protesting is a right, just like you have a right to post your stupid ignorant comment. The president should be criticized, you’re, once again a fool for thinking otherwise. Who else can keep government in check besides the people? The adults are having a conversation so maybe you shouldn’t join if you don’t understand.
Amateur hour shit like this is how we ended up with 9/11. A bunch of partisan hacks of limited talent/intelligence in power, warnings ignored, and then shock and surprise that something terrible happened. There is going to be at least one major fuck-up that kills people before the year is out, guaranteed. This administration isn’t competent enough or focused enough to get basic national security (not security theater) right.
This story would make some sense if Gmail was significantly easier to hack than Twitter.
When will someone finally speak up, his senior staff SUCKS!!! As an entity they are failing him in the same manner that they troubled his campaign. There are just too many issues and unnecessary problems that have no place in the execution of what Donald Trump is trying to do. They have one responsibility, to protect the president from those things that threaten to sabotage his administration. It’s a science and the “high-paid” scientists are not doing their job. We have neither the time nor reason to entertain anymore of this amateurism. Do your job. Because there are unemployed individuals in the inner city who can’t keep bailing you out . . . .
They’re not failing him, their enabling him. He has surrounded himself with the sort of sycophants and CEO does who suck up to rise up.
“DONALD TRUMP IS USING A PRIVATE GMAIL ACCOUNT TO SECURE THE MOST POWERFUL TWITTER ACCOUNT IN THE WORLD”
So he manages Kim Kardasian’s Twitter feed too?
double standard … Trump is already failing… tweet by tweet…
Wait a minute here….NO ONE has pointed out that it is ILLEGAL to request a password reset as just anybody, even if your an “investigative journalist”….Privacy laws come into play pretty seriously here. You should beg forgiveness before they prosecute.
PW=ItsYUUUUUGeBelieveMe!
PW=Ivanka+Me_69
With all due respect, what wauchulaghost did has NOTHING to do with hacking. He simply clicked on “forgot password” as explained here: https://justpaste.it/wauchulaghostjacking
Exposing a few letters of your email doesn’t mean that the account is hackable and his technique wouldn’t have worked in this case.
Dear Sam,
You wrote, “The irony given Trump’s campaign assaults on Hillary Clinton’s use of a private email service is of course obvious.”
The irony of a professional writer using the phrase “of course obvious,” is obvious, but I am missing the irony in using gmail to secure a Twitter account. Is there evidence that he’s conducting official business from either the Twitter account, or the gmail account?
Does it make you sad that that while your colleagues are exposing the Chicago police department, your foray into investigative journalism is limited to pressing “reset password” on @POTUS?
If I could get to his Twit account I could cause havoc through out the world. Or at least make him more of a fool if that is possible.
Don’t tell that to rick coz nothing permeates the thick layer of goop that envelopes folks like him.
“…is there evidence that he’s conducting official business from either the Twitter account?”
Yes. Communicating with the public, Tweets or otherwise, is official business.
Obviously the concern is with Twitter’s private, direct message features. I don’t think there’s very many FOIA issues associated with public posts…
Obviously you, despite the evidence Trump was elected, ignore that the bully-pulpit, whether it’s Twitter or POTUS podium, when used to communicate to fellow Americans is being used to advance a position – therefore it’s official business when he’s President.
It’s equivalent to FDR fireside chats just different technology.
http://www.npr.org/2016/11/18/502306687/commander-in-tweet-trumps-social-media-use-and-presidential-media-avoidance
@Samfbiddle, please investigate whether the government is archiving @POTUS tweets as federal records pursuant to the guidelines established by NARA, ASAP. Thank you.
“Is there evidence that he’s conducting official business from either the Twitter account, or the gmail account?”
It’s the official twitter account for the President of the United States. Verified. What evidence more do you need?
Irony in your last statement is astounding. No wonder info security is a mess.
> As of 1:02 PM today, the email required to reset Trump’s Twitter account was changed to what appears to be a White House address.
whew! glad that’s settled!
Kind of interesting, but it seems likely someone associated with his office would notice, and re-take control of the account, before too long. Given if someone started tweeting bizarre stuff, it would occur to at least a few people it could be “counterfeit”, a successful destabilization would prob require holding on to the account for a length of time.
Yeah, because Trump never tweets “bizarre stuff.”
a) very funny doug. you are a funny guy! hats off- congrats.
b) he does but the bizarre-ness is within a certain profile that has been established to a substantial extent over the last year. thus, most of the point of the pr extravaganza aka “election”s.
c) the people around him and in the security establishment, check the ip addresses and such on people trying to access that twitter and email, very durn likely. not all gmails and twitters… “retain” the same amount of “attention” w/r/t security.
d) sleep well honey bear.
The stupidity of this article is mind numbing.
If the trump clown were to ‘lose’ his password of get ‘hacked’ all he has to do is call shitter, I mean, twatter and have them reset the password.
Sure, he can just do that everyday, several times a day or however often the “reset” password gets hacked. How presidential!
So how many times did that happen? Oh? It never actually happened? So you are exactly the kind of retard that this retartded and dishonest article targets eh? The likes of you and biddle just make shit up as they go along.
So you’ve convinced yourself that no one will hack the password. And you’ve convinced yourself that even if anyone does hack it, the Trumpers can just fix it day, after day, after day, after hour after hour after day that it gets hacked again and again.
That would be like placing a stop sign where a stop sign is supposed to be but not securing it. Every night some vandals take it down and remove it from the area, leading to car wrecks, and so the only thing the city does is replace it in the same sloppy way that it previously was. So then it is removed again.
But your claim remains that anyone who claims that not securing a twitter password, or not securing a stop sign is a “retard?” How charming and brilliant of you.
Again HOW MANY TIMES was trump’s account hacked? You can’t answer because you are a dishonest propagandist, kitt.
Futheremore, there are lots of ‘very important retards’ , like trump, posting garbage in twitter for people like you to read. And none of those VIR accounts get hacked “hour after hour”.
So keep posting delusional nonsense kitt. No doubt your nonsense contributes to making this a better world. Not.
Alas the hordes of people (?free) who are unable to consider the myriad possible ramifications of a situation extrapolated many degrees of magnitude out.
If you’re going to try and shut down a conversation, at least find a solid comeback than the boilerplate “Rhetorical Question + You Can’t Answer because + Nebulous Accusation that is Patently Ridiculous in its use of Thin Jargon that Indicates a the Jargon-slinger’s Total Lack of Understanding of the Term in Question.”
To my knowledge, asshole, it hasn’t been hacked, as yet. There’s not a fucking thing propagandist about realizing and stating that it is vulnerable to be hacked, because…why? because it fucking is, asshole.
You do realize that tons of foreign agents would love to hack that right? Imagine a terrorist hacking and announcing (as Trump) a nuclear first strike.
My advice to other countries is not to immediately start a war with the US over a Trump Tweet. Wait and see if it is a genuine Trump Tweet.
And then start the war.
TO ALL LEFTIST HACKERS, PLEASE, I BEG YOU
So, the obvious question. What the hell are hackers waiting for?
They probably are already on it. What it comes down to here, as always, is the strength of the password. As John Podesta could testify, were he to have a clue, if the password is something obvious then it is just a matter of time before it is hacked. If, however, Mr. Trump is using a random combination of lower and upper case characters, numbers and special characters, even a six digit password would require several years to break at 1000 attempts per second. This figure excludes timing attacks, however.
The point is that as usual Mr Biddle has posted a non-story.
Actually, using your exact criteria, it would take 4 minutes to hack a 6 character password. 8 characters, using your criteria would take about 3 weeks. What are the odds though, that Trump uses your criteria for his passwords?
They changed it after the story :D phew. what a joke http://imgur.com/a/2LLW7
They changed it after your story :D Impact. What a joke :)
http://imgur.com/a/2LLW7
Why would anyone wanting to destroy the United States want to interrupt Donald’s Twitter account?
(BTW, any bets that His Twitter password is pussy123?)
Tried that. Didn’t work. Must be a bigger number!
Try 1 2 3 4 5. It’s probably the same combination he has on his luggage.
gmail? oh good. Maybe the NSA is spying on him too. Or maybe google – try as they might – can assure Americans that the donald’s email account wont ever be hacked (snort). Gonna be a real innerestin’ fer years. Can we get a The Real Lives at the Whitehouse?
What about impeaching Mr. Trump over his unsecured Twitter account?
‘Lock him up, lock him up’
Is Trump an evil genius pretending to be an idiot or is he just an idiot?
From the teachings of the late Groucho Marx: “He may look like an idiot and talk like an idiot but don’t let that fool you. He really is an idiot.”
Incidentally, to those comparing this administration to the book or film “1984,” let me suggest a far more dystopian story of presidential power: “Duck Soup” (1933).
thank you for that laugh!…
Going to check it out . been so long. LOL
How would we know if someone hijacked it? Certainly not by the content of the tweets.
You would, if you suddenly started seeing tolerant and insightful messages.
LOL!