Inside Discord’s Security Overhaul
Popular communications tool tweaks settings to court everyday users
In an April 2020 report on the security and privacy of 15 video calling apps, the Mozilla Foundation gave failing grades to three apps: Doxy, Houseparty, and Discord. I was one of the journalists who worked with the foundation to break the story.
It’s been months since the report came out, and both Doxy and Houseparty are still on the foundation’s fail list. But Discord, a voice, video, and text communication tool that’s popular with gamers and on the rise among other groups, is different. Within one day of the Mozilla report’s release, Mozilla announced that Discord had fixed its most glaring security hole, which allowed accounts to be created with passwords as simple as “111111.” The foundation applauded the rapid change, saying, “We’re pleased to see Discord prioritize consumers’ security, and thank them for their quick action.”
After the Mozilla report, Discord reached out to me with information about the privacy of its app. The spokesperson said, “We do not make any money via advertising or share [user] data with any third-parties that look to profit off of the information from our users. Our business model is entirely based on subscriptions (Nitro).”
Fixing password procedures seems…
