Insurer to halt rude passwords

[InfoSec News <isn () c4i org>]

http://www.aftenposten.no/english/local/article.jhtml?articleID=386348

Aftenposten English Web Desk
Jonathan Tisdall
23.08.02

A Porsgrunn man was stunned to learn that the new password to access
his account with insurers If was ... rather rude. If has now
introduced a routine to block the creation of off-color passwords,
Telemarksavisa reports.

The 31-year-old received a letter from If inviting him to visit his
own personal area on their web site. "We have received your order for
a password for your personal site at If. Your password is: trrekukk,"  
the letter reads - the key word being roughly equivalent to 'wooden
penis'.

"OK, the word has an 'r' too much but ... it doesn't bother me but an
older person would surely have reacted," the Porsgrunn man said. He
wishes to remain anonymous in order to avoid having his name memorably
associated with his password.

"It's an untraditional password. I had a good laugh and have shown the
letter to most of the people at work," he said.

If's webmaster Thomas Aam was stunned to hear the news. "What in the
world. No, that is not on. That is not supposed to happen," Aam said,
who has never heard of a similar case.

"It could be human error, it could be technical. We encourage clients
to change the passwords they get so that they can use more normal
terms. I will discuss this with our IT department," Aam said.

If information chief Jack Frostad later explained to Telemarksavisa
that the obscenity had been generated randomly using some of the
customer's name as a basis.

"This was really bad and we offer a groveling apology. Starting this
evening we have implemented a mechanical block for taboo words and
hope that it won't happen again," Frostad said.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.