Skype passwords should now be secure again after Microsoft fixed the flaw related to the reset system.
For some months, Skype users have been at risk of password theft and thus account compromise, but as of today, the situation appears to have been resolved and normalized.
Microsoft has indeed temporarily suspended the new password reset system to implement the necessary modifications, thereby “patching” the security vulnerability.
It all started a few months ago when, on a Russian forum for IT enthusiasts, a trick was revealed to gain unauthorized access to the password and thus the login credentials for the Skype service.
All it took was knowing the user’s registration email, creating a new account using precisely that email address, and then adding a secondary email address.
This secondary address would then be used to receive the newly reset password.
In this way, the unfortunate registered user would no longer be able to log back into their own profile.
Microsoft technicians therefore decided to completely disable the password recovery system, blocking it entirely.
Subsequently, it was officially communicated by the staff who worked on resolving the issue that the flaw has been patched by changing the password reset process, so as not to send any further notifications, thus averting the aforementioned risk.
Furthermore, according to investigations conducted, only a few accounts were affected by the vulnerability.
Certainly, if you have been able to normally access and use the service, it means you have not been a victim of the flaw.
Be the first to comment