
steve2470

(37,457 posts)
Fri Dec 5, 2014, 11:09 AM Dec 2014

Sony Kept Thousands of Passwords in a Folder Named "Password"

http://gizmodo.com/sony-kept-thousands-of-passwords-in-a-document-marked-1666772286



It's been a rough week for Sony execs (million-dollar salaries notwithstanding). And things are only going to get worse. Which would almost be enough to make you feel bad for the poor schmucks in IT—that is, until you realize that they hid their most sensitive password data under the label "Passwords." Go ahead and slam your head against something hard. We'll wait.

The second trove of data snuck out sometime yesterday, and it didn't take long for Buzzfeed to stumble upon the Facebook, MySpace (an ancient form of Facebook), YouTube, and Twitter "usernames and passwords for major motion picture social accounts." Likely due to the fact that they were saved in a huge file called "Password." Which contained even more passwords called things like "Facebook login password." So they would know that that was the password. Because who needs encryption or security or common sense or even the vaguest attempt at grade-school level online safety.

Yep, "Password" should do just fine. Maybe stick a "1" on the end. That'll throw 'em off.

MineralMan

(146,281 posts)
3. But, you know, how would anyone get access to that folder, see?
Fri Dec 5, 2014, 11:22 AM
Dec 2014

I mean, there's a firewall and stuff. People do stupid things, even corporate IT managers, it seems. Sony was dancing with the prettiest girls at the dance, and wasn't paying attention to the details, it seems.

steve2470

(37,457 posts)
6. yep, they got a tad bit arrogant
Fri Dec 5, 2014, 11:24 AM
Dec 2014

Given time and adequate resources, ANYTHING can be hacked. AFAIK, the only 100% failsafe solution is to take a server offline. If I'm wrong, someone please correct me.

MineralMan

(146,281 posts)
7. Unencrypted password information should never be on a computer
Fri Dec 5, 2014, 11:26 AM
Dec 2014

that is connected to any network, and access to that computer should be extremely tightly controlled and limited only to those who have the need to know such information.

That someone could hack into a networked computer with a Password folder should be a terminal embarrassment for their CIO. A firing should be done immediately.

 

Rex

(65,616 posts)
5. But they used a capital P! That should throw off hackers!
Fri Dec 5, 2014, 11:23 AM
Dec 2014

password. password. Why isn't it working!!!

 

stevenleser

(32,886 posts)
9. The stuff you see as an IT Consultant when you go out and look at other companies is mind blowing
Fri Dec 5, 2014, 11:32 AM
Dec 2014

No backups, incredibly inadequate backups, zero security, minimal security, no firewalls, firewall device purchased but not configured in any meaningful way, and yes various kinds of inadequate password security.

And all of that is just the beginning.

ProdigalJunkMail

(12,017 posts)
10. right there is probably access to loads of others
Fri Dec 5, 2014, 11:36 AM
Dec 2014

Database Passwords.xls

Hell, probably some good customer info accessible now!

sP

Nye Bevan

(25,406 posts)
13. The trick is to name the folder "grocery list".
Fri Dec 5, 2014, 12:13 PM
Dec 2014

Oops, probably shouldn't have posted that publicly.....
