Yet another report on the password predicament
“We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in plaintext'” https://www.theregister.com/2020/12/16/solarwinds_github_password/ It says "their update server was accessible with the password 'solarwinds123'”.
Every time these absurd incidents are reported, we are told to listen to security professionals who love to lecture us to manage the text-only passwords that we are incapable of managing.
How long do we have to keep hearing them preaching “We would be safe if we do what we are unable to do”?
I wonder why those people are not keen to look at the merits of making use of non-text secret credentials besides the text passwords.
Ref: “On #BigIdeas2021” https://www.linkedin.com/posts/hitoshikokumai_after-police-raid-on-covid-19-whistleblower-activity-6744799100195209216-P0AQ
Log in or sign up for Devpost to join the conversation.