Just by using Google dorks (inurl:https://trello.com AND intext:@gmail.com AND intext:password), we can get all the Trello dashboards where people actually put their login/password and share them with their team members.
it’s insane the number of login/password to email addresses we can find by JUST Googling it.
please people, pay attention and be paranoid with your credentials.
The Google Dork:
inurl:https://trello.com AND intext:@gmail.com AND intext:password
Thanks to:
- reddit.com/r/security/comments/93n6ln/stop_using_trello_as_a_password_manager_how_to/