I believe that serious and studious poor friends should have seen the large-scale account hacking incident caused by QQ login QR code.
What Shichao didn’t expect was that the storm of QQ QR code hacking had not yet passed, and the QQ leaked password once again rushed to the hot search.
According to Sina Technology’s revelations, a large number of QQ users have reported that after logging out of QQ, they returned to the login interface to show that their QQ password has become 123456789, and that they can log in to QQ by entering 123456789.
If this is true, then its influence and destructive power are definitely greater than that of QR code fraud, which can affect hundreds of millions of QQ users.
If I log in to QQ, Tencent will change my password to 123456789 by default, so let alone a hacker, as long as I know this bug, then my QQ password is useless.
As long as anyone knows my QQ number, and then type 123456789 without a brain, it’s almost a test!
After reading this news, Shichao was so frightened that he immediately opened his QQ to verify the QQ password leak that was widely reported by netizens.
I logged out of my QQ account on my mobile phone and returned to the login interface, and found that my QQ password was indeed changed to 123456789 as the netizens said.
The weirdest thing is: after clicking login, you can actually log on to your own QQ.
In addition to this situation, Shichao also received a lot of messages from poor friends in the background, saying that another bug appeared on his device.
It is said that manually entering 123456789 can also log in to the account.
This is the part we will verify next.
After a wave of operations, I did not encounter the situation that the poor friends said. If I manually enter 123456789, the account password is displayed incorrectly instead of logging in directly.
Of course, this does not rule out that Tencent fixed the bug overnight. But the problem of password display is not actually a bug of QQ, but a careful thought that QQ uses to protect your password.
When the poor friends log in to QQ password, they can check the button to display the password, so that you can see the password you entered. This display password setting was originally designed to prevent everyone from entering the wrong password.
Although this small function is convenient, it has a security risk:
If someone takes your mobile phone and wants to know your QQ password, they can log out of the logged-in QQ account on your mobile phone, and then use this password display function to see your QQ password.
Therefore, in order to prevent this from happening, QQ, after you log out, click to display the password, and directly replace it with the string of numbers 123456789.
So whether it is 123456789 or ******* that appears in your QQ login interface, they do not represent any specific password.
They are equivalent to the server giving the user a temporary pass, and you cannot delete any number in the pass, deleting any one will invalidate the entire temporary pass.
This mechanism is actually a part of QQ password-free quick login.
When the poor friends log in to QQ for the first time on a new device, they need to enter their own passwords completely, and also need to perform some security verification.
The purpose of this is to let the system recognize that this operation is done by the account owner. This is a secure device. QQ will leave a globally unique identification code for this device, which will be stored in the server.
The next time the poor friends use this device to log in to QQ, this mechanism called password-free quick login will be triggered, and QQ is automatically enabled by default.
The poor friends do not need to enter the password again, the system will automatically take the device code on this machine to verify, and after confirming that it is the same device code, it will automatically log you in.
This saves you the time to enter your password. So whether it is 123456789 or ******* displayed on your QQ login interface, they do not represent any specific password.
They are just a mark. When you open QQ and enter the password, the system will directly check whether your device code is the same as the one on the server.
So essentially, this 123456789 can be any number.
This is the essence of password-free quick login, that is, a solution that protects user privacy while taking into account convenience.
As for why Shichao cannot log in to QQ after manually entering 123456789, it does not rule out that Tencent fixed this bug while we were not paying attention.
If you encounter this kind of bug, you don’t have to worry. If you want to log in through this channel, you must first use an authenticated device.
If others want to log in to your QQ on other devices, then the security device authentication will be difficult.
Hashtag: QQBug password
.
[related_posts_by_tax taxonomies=”post_tag”]
The post QQ has a new bug, your password has become “123456789”? -QQ, Password, Bug – Fast Technology (the media of Drive Home) – Technology changes the future appeared first on Gamingsym.