sylar182

7y

Recently, one of our passwords was accidently published on a public page for a few minutes before it was noticed and removed. Unfortunately, this password opens nearly every locked account so it's a pretty big deal.

Management was informed of this mistake and told that we should change the passwords as well as implement a few other protocols to make sure this doesn't happen again including things like unique passwords, more secure passwords, using a password manager, etc.

Their response? It wasn't online long, probably no one saw it. There will be no changes in how we handle ours or our clients' secure passwords.

rant

passwords

security 101

management

Ranter

Comments

4

sylar182

2942

7y

@ArcaneEye caches we can control were cleared and it was put on our site so we control most of them. But no, no additional checking was done to ensure it wasn't cached, and no one is changing the password to make sure it is invalidated.
0

TheLazyDev

230

7y

Time to organise an intervention for the management
9

Wack

6311

7y

Did you also check googles cache and the way back machine?

Plus make sure to leave/create a paper trail. Write an email to managment, explaining what happend, what you propose to do and what could be consequences (include financial and reputation damages) and include, that they stated not to do anything. Something like "this to summarize our conversation about the security breach".

That way, no matter if something bad happens or not your ass is covered. Always remember HR is there to protect the company and not you.
0

andersmmg

72

7y

This is why I use git xD development and production sites are separate
2

sylar182

2942

7y

@Wack paper trail, investigation, emails, write up, has all been done and ignored as expected. I can only lead the horse to water.

I told them today that they would solve their roof leaking on their heads by carrying an umbrella.
2

Wack

6311

7y

@sylar182 like that analogy

Related Rants

devRant © 2021 Hexical Labs LLC
Privacy Policy | Terms of Service