Industry Trends

Tumblr Password Snafu Could put you at Risk

By Richard Henderson | July 17, 2013

Popular social media/sharing site Tumblr posted a quick note on their official blog indicating that their iOS app wasn't using SSL to pass login and password details when their users were logging in via the app. An astute reader of popular tech news site The Register initially reported the issue.


What does this mean for you?

If you've used Tumblr's app on your iPhone, iPad or iPod Touch anywhere other than at home - say a public WiFi hotspot at the airport or elsewhere - it's entirely possible that someone sniffing that network could have captured both your login and password for the site.

If you are like most Internet users and recycle your passwords then any other account that uses a similar login and the same password is at risk for compromise.

Head over to Tumblr and change your password... and any other site that uses the same password.

If you want to continue to use Tumblr for iOS, please make sure you head to the AppStore and download the updated app as well to fix the insecure login issue.

Join the Discussion