According to an employee with knowledge of the system, the password to the Louvre's video surveillance system was simply "Louvre" at the time of the robbery last month.
Not surprising tbh.,I’ve been in a security meeting before where the owner of the company just said outright his password was written in big letters on the outside of the building we were sitting in. Some people really have zero sense for security or just don’t care.
Nice. Meanwhile at the place I work, they have mandated 15+ character passphrases that must have a capital letter and a symbol, that must be changed every 6 weeks, but banned the use of password managers.
They also block yubikey and similar hardware tokens from corporate devices at the USB driver level, because “to stop the hackers!”. The only 2nd factor auth they allow is Microsoft Authenticator, and Windows Hello. At least it’s something I suppose.
Not surprising tbh.,I’ve been in a security meeting before where the owner of the company just said outright his password was written in big letters on the outside of the building we were sitting in. Some people really have zero sense for security or just don’t care.
my company doesn’t even allow passwords. everything is TPM+PIN/passkeys/FIDO2 from company managed devices on VPN… for the “low security” side.
Nice. Meanwhile at the place I work, they have mandated 15+ character passphrases that must have a capital letter and a symbol, that must be changed every 6 weeks, but banned the use of password managers. They also block yubikey and similar hardware tokens from corporate devices at the USB driver level, because “to stop the hackers!”. The only 2nd factor auth they allow is Microsoft Authenticator, and Windows Hello. At least it’s something I suppose.