This lack of DG-Locker puts the data of 38 million users at risk


One official app after another has major flaws, so that hackers can easily break the personal data of millions of citizens. Following the CSC BHM website, DG Locker is raising similar questions. DigiLocker, an online online service, has the advantage of digitally storing documents but lacks authentication, putting the data of millions of users at risk. Taking advantage of this deficit, hackers can provide two-step authentication and access to sensitive data for anyone, but the removal is fixed as soon as it shines. It is noteworthy that this government service is used by 3.84 crore users, if this error is not found, it could easily misuse the data of all these users.

Security researcher Ashish Gehlot lacks this DG locker To reveal Did. They found this deficiency in the DG-Locker system by analyzing the authentication method. However, researchers have discovered that the default MACNISM asks for a one-time Single Password (OTP) and PIN when logging in to digital storage. However, he was able to bypass this process, adding the Aadhaar number to it and changing the parameters when interpolating the DG Locker connection.

Some who have the technical knowledge may be able to take advantage of this authentication restriction and set up a new PIN and even access the DG Locker account without any password. In addition to these reductions, hackers can access user profiles by bypassing the OTP process and make many changes using the intercept tool.

Let me tell you, Gehlot noticed this decline in Digilcar last month, after which he also informed the Digicol team about it. The team removed the lack of pin bypass in a few days. However, the OTP bypass reduction is scheduled for Monday.

Available on the DG Locker site The information Seeing this, 3.84 crore registered users use this platform. Many documents like Aadhaar card, insurance policy, income tax return, marksheet are stored on this platform.

Leave a Reply

Your email address will not be published. Required fields are marked *