Jump to content


Weak passwords still the downfall of enterprise security

  • Please log in to reply
No replies to this topic

#1 TheSentinel


    The man in the dark

  • General Admin
  • 30,402 posts

Posted 14 April 2012 - 01:22 PM

Weak passwords still the downfall of enterprise security
A pet's name or a favorite movie just isn't enough
By Jaikumar Vijayan
April 12, 2012 12:19 PM ET

Computerworld - A recent data breach that exposed the Social Security numbers of more than 255,000 people in Utah has once again highlighted the longstanding but often underestimated risks posed to organizations by weak and default passwords.

The breach, involving a Medicaid server at the Utah Department of Health, resulted from a configuration error at the authentication layer of the server hosting the compromised data, according to state IT officials.

Many security analysts see that as a somewhat euphemistic admission by the state that the breached server was using a default administrative password or an easily guessable one. By taking advantage of the error, the attackers were able to bypass the perimeter-, network- and application-level security controls that IT administrators had put in place to protect the data on the server.

Such mistakes, though relatively easy to avoid, are surprisingly common.

Read more about: http://www.computerw...prise_security_