Skype has fixed a security flaw that made it possible for hackers to reset passwords simply with a user name and an email address.
The Microsoft-owned video-chatting service temporarily disabled users' ability to reset passwords after tech news site The Next Web gave Skype a heads-up on the security hole.
"We apologize for the inconvenience but user experience and safety is our first priority,” Skype told TNW.
TNW wrote that instructions for the hack were posted on a Russian online forum two months ago. The news site chose not to link to the forum because the hack "is very easy to reproduce," and indeed, TNW said it tested out the hack multiple times and successfully took over a pair of its staffers' Skype accounts.
After being alerted, Skype disabled password resets while it investigated and fixed the issue. Now, the security hole has been fixed and users can reset their passwords once again if they want, the service told The Times.