Can this be true?

A Dutch security researcher has said that he had gained access to Trump’s Twitter account by guessing the password. What was it, you ask? “maga2020!”. Yes, really.

Victor Gevers, a security expert, had access to Trump’s direct messages, could post tweets in his name and change his profile, de Volkskrant reported.

Gevers – who previously managed to log into Trump’s account in 2016 – gained access by guessing Trump’s password. Maga2020, a popular tag for Trump’s re-election campaign, was Gevers’ fifth attempt – and it worked.

“I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information,” Gevers told de Volkskrant.

Remarkably, it wasn’t the first time Gevers has gained access to the president’s Twitter account. In 2016 he and two others guessed Trump’s password, and got into his account.

Back then Trump’s password was “yourefired”, according to Vrij Nederland.

I find it hard to imagine that even Trump would use such an obvious password but with Trump, there seems to be no lower limit for incompetence.


  1. Chris J says

    Seems real. I tried out the combo, and it got to asking for an email and phone number to verify my identity. I don’t think twitter would do that if you got the combo wrong.

  2. Chris J says

    Seems real. I tried out the combo, and it got to asking for an email and phone number to verify my identity. I don’t think twitter would do that if you got the combo wrong.

  3. Chris J says

    Eh, actually, scratch that. I was trying a different password. Still, it doesn’t seem completely out of line. Politicians aren’t exactly known for their good security practices.

  4. johnson catman says

    Well, it would have to be something he could remember, or at least spell without having to look at a cheat sheet.

  5. sqlrob says

    I’ve seen other security guys verify the yourefired password on LinkedIn, so yeah, it could very well be that bad.

  6. StonedRanger says

    I hope this person had the good sense and common decency to unblock and unban all of the people on his blocked and banned list.

  7. says

    The code to “the football” from Reagan through Clinton was 012345678

    I’d not be surprised if Trump’s password were stupid (I assume his IT people are the very worst) but systems like Twitter usually require additional steps to enable new devices, like a confirmation email or SMS. Easy enough for NSA or FSB to get through using a man in the middle attack but last time I checked one of them works for him, and he’s employed by the other.

    When he got elected there was serious discussion with an eye to compromising the account to manipulate the stock market. The degree of backtrack that is available would make that very dangerous. Good plot for a thriller tho.

  8. Who Cares says

    Your joke isn’t as much of a joke as you think it is.
    1 in 10 four number pins are 1234

    And I’m going to guess that this is real based on that the guy who reported this is the head of a vulnerability disclosure foundation which seems to be a project run/supported/financed by the Stichting Internet Domeinnaamregistratie Nederland (Netherlands Foundation for Internet Domain Names). So while it is a publicity stunt lying would be the end of his career and damage to the trustworthiness of that foundation.

  9. flexilis says

    @jrkrideau (#7) Knowing his bank PIN probably wouldn’t do me any good if his balance is negative.

  10. lorn says

    Sysops for university systems regularly scan the passwords used and, pretty much without exception, you find that the usual suspects get used again and again. Password= password, 12345678, abcdefg, qwertyui …

    And it isn’t just the dumb people either. It seems to be part of human nature.

    Of course a big problem is how security is handled. Allowing unlimited guessing at machine speeds makes even fairly complex passwords hackable. Inserting a exponentially growing time delay between guesses is good. Two seconds, four, eight, sixteen, thirty-two … humans would barely be inconvenienced. And even simple passwords would be more difficult to guess. But what the hell do I know.

Leave a Reply

Your email address will not be published. Required fields are marked *