all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Passwords Are Terrible (Surprising No One)

Add to bookmarks
Feb. 1, 2023, 12:08 p.m. | Bruce Schneier

Security Boulevard securityboulevard.com

This is the result of a security audit:



More than a fifth of the passwords protecting network accounts at the US Department of the Interior—including Password1234, Password1234!, and ChangeItN0w!—were weak enough to be cracked using standard methods, a recently published security audit of the agency found.


[…]


The results weren’t encouraging. In all, the auditors cracked 18,174—or 21 percent—­of the 85,944 cryptographic hashes they tested; 288 of the affected accounts had elevated privileges, and 362 of them belonged to senior …

accounts agency audit cracked cracking department hashes identity & access national security policy network passwords privileges protecting result results security security audit standard us department of the interior

Visit resource

More from securityboulevard.com / Security Boulevard

How a YouTube Content Filter Can Give Your District More Control 2 hours ago | securityboulevard.com
beyond can control education +13
ITDR vs ISPM: Which Identity-first Product Should You Explore? 7 hours ago | securityboulevard.com
axiad cybersecurity emerging fresh takes +7
“You Can’t Protect What You Can’t See” Still Rings True. Why Observability Now. 11 hours ago | securityboulevard.com
awareness blog can effectively +12
Transforming Customer Experience: Enhancing CX through CIAM and Insights 13 hours ago | securityboulevard.com
ciam ciam solutions competitive customer +23
What is Penetration Testing: A comprehensive business guide 14 hours ago | securityboulevard.com
benefits business critical cyber security +18
Best Practices to Strengthen VPN Security 14 hours ago | securityboulevard.com
authentication best practices covid data +26
Cradlepoint Adds SASE Platform for 5G Wireless Networks 14 hours ago | securityboulevard.com
5g access cloud cloud service +28
BTS #28 – 5G Hackathons – Casey Ellis 15 hours ago | securityboulevard.com
casey ellis eclypsium enterprise hackathons +6
CCPA Compliance with Accutive Data Discovery and Masking: Understanding and protecting your sensitive data 15 hours ago | securityboulevard.com
act adm platform articles businesses +30

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cyber Systems Administration

@ Peraton | Washington, DC, United States
View on infosec-jobs.com

Android Security Engineer, Public Sector

@ Google | Reston, VA, USA
View on infosec-jobs.com

Lead Electronic Security Engineer, CPP - Federal Facilities - Hybrid

@ Black & Veatch | Denver, CO, US
View on infosec-jobs.com

Profissional Sênior de Compliance & Validação em TI - Montes Claros (MG)

@ Novo Nordisk | Montes Claros, Minas Gerais, BR
View on infosec-jobs.com

Principal Engineer, Product Security Engineering

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs