
Jinx

@Jinx@infosec.exchange

Cybersecurity student at The Open University


SwiftOnSecurity, to Random (English)

One of the biggest security expertise redpills is this is unironically a good idea and the time spent making fun of it was ill-advised for most users whose physical security threat is not a factor in comparison.

Jinx

@SwiftOnSecurity when I worked for a UK quango (2010ish) coughStudentLoansCompanycough my induction included a sheet of paper with a table printed on it for recording passwords to the different systems. Full-time staff had allocated desks and we had our own lockers, but back shift, weekend and even F/T's overtime were all unallocated.

Guess where slightly under half of all full timers kept their password lists? TBH I kept mine on my desk as well, but I wrote pun usernames and something like P@ssword1 on it.

Some were even pinned to the baffle boards for greater visibility.

If your organisation is going to allow this, for fuck's sake consider other human factors and how to mitigate. I think staff could successfully repudiate actions linked to their account activity because this was the culture the business fostered.
