A CNET report based on anonymous sources says the U.S. government has requested that Internet companies hand over user passwords, as well as the encryption algorithm and salt, which companies use to protect passwords. The article says that firms are very reluctant to comply with these demands.
CNET’s Declan McCullagh broke the story, writing, “The U.S. government has demanded that major Internet companies divulge users’ stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed…. ‘I’ve certainly seen them ask for passwords,’ said one Internet industry source who spoke on condition of anonymity. ‘We push back.'”
The Examiner’s Joe Newby noted, “Eric Holder’s Justice Department has argued it has the authority to obtain user passwords.”
Business Insider’s Jim Edwards observed that the report, “represents an even worse scenario than the one posited by NSA leaker Edward Snowden, who claimed the feds have a program named PRISM that gives them access to the servers of Google, Facebook, Microsoft and other major web providers. The companies have denied that such a program exists, saying they only respond to specific legal requests about individuals.”
SlashGear’s Craig Lloyd commented, “Obviously, if the government wants your password, then you’re probably on their target list for terrorism or some other crazy crime, but that doesn’t mean that officials aren’t human, and they can easily abuse the system at their will.”