BreachExchange mailing list archives
Top 10 worst password FAILS of 2018
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 14 Dec 2018 07:44:33 -0600
https://www.csoonline.com/article/3326830/security/top-10-worst-password-fails-of-2018.html#tk.rss_news The 2018 worst password fails, by that Dashlane means worst offenders this year, are: 1. Kanye West for unlocking his iPhone on TV in the White House with 000000. 2. The Pentagon for protecting weapon systems with default passwords, as well have having such pitiful admin passwords that the GAO audit team could guess them in nine seconds. 3. Cryptocurrency owners for failing to remember their passwords to their digital wallets in order to cash out while cryptocurrencies were at record-level highs. 4. Nutella for telling Twitter followers to use “Nutella” as a password — advice sent out on World Password Day. 5. U.K. law firms, 500 of them, for their 1 million corporate email and password combinations, stored in plaintext, which were discovered by researchers on the dark web. 6. The state of Texas for exposing over 14 million voter records thanks to a server that didn't have password protection. 7. White House staff for a member writing down his email login and password and then leaving the White House stationery document at a Washington, D.C., bus stop. 8. Google for leaving a Google admin page with a blank username and password combo, allowing an engineering student to get access to a TV broadcast satellite. 9. The United Nations for its staff failing to password-protect collaboration projects using Trello, Jira, and Google Docs. Anyone with the right “link could access secret plans, international communications and plaintext passwords.” 10. University of Cambridge for leaving a password in plaintext on GitHub, allowing anyone to access the data of millions of people — data that had been extracted from the Facebook quiz app myPersonality. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Top 10 worst password FAILS of 2018 Destry Winant (Dec 14)