Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Password != secure - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Password != secure

Reading a story on how an attacker broke into the administrative interface to twitter was the following quote: "One of the admins has a yahoo account, i've reset the password by answering to the secret question. Then, in the mailbox, i have found her twitter password." Social engineering and good guessing trumps security every time. Twitter have confirmed the intrusion, so sad but true. No hacking necessary. I could probably rant for hours on the subject, but most of you know the story. Enough said.

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

Adrien de Beaupre

353 Posts
ISC Handler
Yes, we know the story. And again, too much spending in security, and at the end the human factor is out of control by the policies!
Anonymous

Sign Up for Free or Log In to start participating in the conversation!