If you had difficulty wrapping your head around how third-party apps could access your information on Facebook so easily, you"ll probably get a migraine after reading this. It appears that T-Mobile Austria stores customer passwords in plain text in its database because its security is "amazingly good".
In a mind-boggling Twitter thread, people who manage the T-Mobile Austria account have confirmed that customer service agents see the first four characters of a user"s password and that the whole credential is saved in the database in plain text.
Hello Claudia! The customer service agents see the first four characters of your password. We store the whole password, because you need it for the login for https://t.co/vJapgJ50qc ^andrea
— T-Mobile Austria (@tmobileat) April 4, 2018
While T-Mobile Austria customers have genuine reasons to be worried, T-Mobile CEO John Legere has clarified that the company"s US division doesn"t store passwords in plain text.
I can only speak to @tmobile US. Our care reps can’t see passwords and we don’t store them in plain text.
— John Legere (@JohnLegere) April 7, 2018