Security? Why Bother

I’ve been working on an internal information delivery system for an unnamed multi-national.

I just logged in to their production database to set up some new features. One of which involved updating their user database. While poking around, I noticed that all but 62 of their roughly 400 users had the same password hash (meaning they all had the same password)!

Seriously!

  • Leesha

    10 bucks says it’s “password”

  • Leesha

    10 bucks says it’s “password”

  • Genster

    Very interesting.
    Working with the largest employer in BC, there is obvious concern for security, and encryption is used. And a great deal of people write their password on a sticky note, stick it next to the trackpad on the laptop for easy remembering on the road.

    People just don’t care until the news comes out with another story of someone’s “personal infos” getting “stolen”, and then knickers end up in knots… but they still don’t think *they* have to follow the guidelines.

  • Genster

    Very interesting.
    Working with the largest employer in BC, there is obvious concern for security, and encryption is used. And a great deal of people write their password on a sticky note, stick it next to the trackpad on the laptop for easy remembering on the road.

    People just don’t care until the news comes out with another story of someone’s “personal infos” getting “stolen”, and then knickers end up in knots… but they still don’t think *they* have to follow the guidelines.

  • It’s not. It’s less characters.

    The best part is that the server is super secured, behind like 25 proxies.

  • It’s not. It’s less characters.

    The best part is that the server is super secured, behind like 25 proxies.