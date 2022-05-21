Gmail is the world’s most popular and secure email service, but a new “authentication code” warning has sparked great concern among users.

And security researcher Youssef Samouda revealed, in a post on a technical blog, that flaws in the “authentication code” issued by Gmail enabled him to exploit security holes in the Facebook social networking site and hack accounts.

Samouda explained that he was able to exploit Google OAuth redirects and link them to Facebook’s security systems to hack accounts.

Google OAuth is one of the systems used by Amazon, Facebook, Microsoft, Twitter and others to allow users to link their accounts to external sites.

Samouda highlighted that “this vulnerability could have been exploited on a large scale,” stressing that he had received about $45,000 as a “reward” from Facebook, in exchange for the security flaw he discovered.

Commenting on the discovery, the “Malwarebytes Labs” website, which specializes in information security, issued a warning to anyone who uses accounts linked to a few of them, and said: “Linked accounts were invented to facilitate the login process… but we do not recommend it, because if anyone gets a single password Only, they will be able to control all the other accounts.”

And if this warning makes you uncomfortable, you can unlink accounts, including Google OAuth.

On Facebook, for example, you can go to “Settings and Privacy”, then “Settings”, then “Account Center” and “Accounts and Profiles”, then you can choose to “unlink”, according to Sky News Arabia.

You can do the same with other sites, such as Twitter, Amazon, Microsoft..