When Donald Trump was running for president the first time, ethical hacker Victor Gevers accessed his Twitter account by guessing the candidate's password.
It was the phrase made famous on Trump's hit TV show "The Apprentice": yourefired.
Unfortunately for the candidate, he had chosen a password that was easy to remember and also easy for someone to guess.
Hackers claims new access to Trump's Twitter account
And according to Gevers, he's accessed President Trump's Twitter account again, after going through a short list of "easy to guess" passwords based on catchphrases spoken by the President. The list included:
And according to Gevers, the last one did the trick: maga2020!.
In the process, he claims to have uncovered that the President had not enabled two-factor authentication (2FA).
Gevers told Dutch publication RTL News how he reacted:
"I thought 'Oh God' when I logged in. I just don't want me to be able to get in, especially not with such an important account."
Why is hacking the President's Twitter account such a big deal?
As we've seen for quite some time now, social media account takeover attacks are common, including attacks that take over celebrity, athlete, and CEO accounts. But RTL News correspondent Erik Mouthaan points out that Trump's Twitter account is his main communication tool.
"The White House has said that all tweets count as official statements by the president. Ministries are closely monitoring the account because often policies have to be made based on Trump's thoughts. For example, he announced a ban on transgender people in the military via Twitter, instead of a press release or a bill.
Twitter is where Trump vents his anger and pride, you really get a sense of how he feels moment to moment. If a malicious party were to hijack the account just before the election, it could have immense consequences for the integrity of the election and the security of the land."
Interesting twist: Twitter denies Gevers accessed Trump's account again
Both Twitter and the White House deny the claim that Gevers accessed Trump's account for a second time. And The Hill received this statement from Twitter:
"We've seen no evidence to corroborate this claim, including from the article published in the Netherlands today," the company said in a statement to The Hill. "We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government."
So for now, we'll leave this story in your hands. We report, you decide.