by londons_explore 1843 days ago
I wonder how many times ransomware has gotten into Google/Amazon employees' laptops?

Having 100k employees, most of whom have admin access to their own machines (cos developer) has got to make it almost impossible to stop it happening.

2 comments

I have a friend who works at G that told me shortly after he started working there, he accidentally typed some portion of his password into another website, at which point his laptop immediately locked down and he was forced to change his password before doing anything else.
Are you implying Google had his password stored in reversible form?
This is what OP is talking about:

https://chrome.google.com/webstore/detail/password-alert/noo...

And yes, it does store a hash of the password on the local machine, although I suspect it's only a 32 bit hash or something so you can't 'crack' it to recover the original password.

Nothing about the comment that you replied to would require them to store their password in "reversible form"
> some portion of his password

Doing a partial string match on a password would effectively require it in reversible form. Even if you hashed all the possible substrings of the password, it would be trivial to brute force given all the hashes of the same string with one extra character on the end...

But OP was mistaken - the tool Google uses only alerts if the entire password is typed. Meaning that OP's friend was careless with password hygiene. As is nearly every new Google employee.

Maybe they keylog and incrementally hash everything including password subset? Seems implausible.
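
Added example, not part of the thread and not the extension's own code: a sketch of the full-password check discussed above, which keeps only a salt, the password length and a truncated hash, and compares that against a rolling window of recent keystrokes. The 32-bit truncation is the size guessed in the thread; the HMAC-SHA-256 construction, the class and function names, and the sample strings are assumptions.

```python
import hashlib
import hmac
import os
from collections import deque

HASH_BYTES = 4  # 32-bit truncation, the size guessed in the thread (assumption)


def fingerprint(salt, text):
    """Salted SHA-256 of the text, truncated so many inputs share one value."""
    return hmac.new(salt, text.encode("utf-8"), hashlib.sha256).digest()[:HASH_BYTES]


class PasswordTypedDetector:
    """Hypothetical detector: stores (salt, length, truncated hash), never the password."""

    def __init__(self, password, salt=None):
        self.salt = salt if salt is not None else os.urandom(16)
        self.length = len(password)
        self.stored = fingerprint(self.salt, password)
        # Rolling window of the most recent keystrokes, exactly password-length long.
        self.window = deque(maxlen=self.length)

    def on_key(self, ch):
        """Feed one typed character; True when the window matches the stored hash."""
        self.window.append(ch)
        if len(self.window) < self.length:
            return False
        candidate = fingerprint(self.salt, "".join(self.window))
        return hmac.compare_digest(candidate, self.stored)

    def feed(self, typed):
        """Return the indexes in `typed` at which an alert would fire."""
        return [i for i, ch in enumerate(typed) if self.on_key(ch)]


def demo():
    password = "correct-horse-42"      # constructed sample value
    salt = b"constructed-salt"         # fixed only to make the demo repeatable
    partial = PasswordTypedDetector(password, salt)
    full = PasswordTypedDetector(password, salt)
    return {
        "partial": partial.feed("user: correct-horse"),          # portion only
        "full": full.feed("login correct-horse-42 then more"),   # entire password
    }


if __name__ == "__main__":
    print(demo())
```

Only a window equal to the whole password fires, because there is no hash of any shorter prefix to compare against; the truncation maps many candidate strings to the same stored value.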
If there's ransomware on an employee's laptop you simply throw it away and give them another one. And have them go through a lot of security training after.
Assuming they were the weakness. It might be that patching velocity was the reason the laptop became infected. Where I work that is managed via patch management software not the end-user.