Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Password != secure - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Password != secure

Reading a story on how an attacker broke into the administrative interface to twitter was the following quote: "One of the admins has a yahoo account, i've reset the password by answering to the secret question. Then, in the mailbox, i have found her twitter password." Social engineering and good guessing trumps security every time. Twitter have confirmed the intrusion, so sad but true. No hacking necessary. I could probably rant for hours on the subject, but most of you know the story. Enough said.

Adrien de Beaupré Inc.

Adrien de Beaupre

353 Posts
ISC Handler
Jan 24th 2011
Yes, we know the story. And again, too much spending in security, and at the end the human factor is out of control by the policies!

Sign Up for Free or Log In to start participating in the conversation!