What did the password to @realDonaldTrump discovered by an expert mean?

 What did the password to @realDonaldTrump discovered by an expert mean?

On the fifth attempt, a Dutch security expert managed to take control of the President of the United States' Twitter account. The password was simple and two-factor authentication was not enabled.

With 87 million subscribers as of October 23, 2020, Donald Trump is one of the ten most followed Twitter accounts in the world, and the President of the United States is a real tweet bulimic since he posts about thirty a day! It is quite simply its first means of communication, and contrary to what one might think, it is not very secure.

Thus, a Dutch security expert managed to log into Trump's Twitter account without much effort. He had already done this in 2016, and he wanted to verify that Trump had better secured his account. Except that the password used was "weak", and Trump had not activated two-factor authentication protection. The President of the United States did not receive an alert when Victor Gevers connected with his account.

This cybersecurity expert could edit the profile of Trump's Twitter account. © Vrij Nederland

No blocking after four unsuccessful attempts

Screenshots at the key, the latter thus proved that he had had access to the private messages of the president, that he could modify his profile and posted messages. In the magazine Vrij Nederland, the expert says that he managed to "crack" the password on the 5th attempt. He tries “maga2020! (Short for Make America Great Again, Trump's slogan) and it works!

“I expected to be blocked after four failed attempts,” he says, but Twitter didn't ask for any additional information, like a back-up phone number or email address.

Immediately, Gevers alerted Trump and US government services to his discovery and this big security hole. It was the American secret services in the Netherlands who answered him. Trump's account has since been more secure and his password has been changed. Fortunately this expert was not a Russian or Chinese hacker because it could have had much more serious consequences.