ᏤⵁŁ₮ƦⵁИł€
Follow

I just received a password expiration notice from district IT.

It is so frustrating that they still use such outdated security practices. We can't even use a password generator because this one password is used for log on to all devices as well as access to all accounts via the SSO dashboard. MFA is also not a thing.

· 2· 0· 6
AuthorIan 📚 ☕ 🍜  

@voltronic One of my primary suppliers just recovered from a major ransomware incident. They require new passwords every couple of months.

Their system allows you to use the same password at every update. 😂

0
𝗟𝗼𝗯𝗼𝗵𝗼𝗹𝗶𝗰³³°¹  

@voltronic Yikes. Hopefully you guys have some sort of breach / credential exposure service.

1
ᏤⵁŁ₮ƦⵁИł€  

@loboholic
You're hilarious. Just thousands of people using weak passwords because they have to change them so often.

1
𝗟𝗼𝗯𝗼𝗵𝗼𝗹𝗶𝗰³³°¹  

@voltronic well I work in the ATO / recovered asset realm so hearing that kind of thing always makes me squirm.

1
ᏤⵁŁ₮ƦⵁИł€  

@loboholic
If such a thing exists, I'm not aware of it.

1
𝗟𝗼𝗯𝗼𝗵𝗼𝗹𝗶𝗰³³°¹  

@voltronic If what kind of thing exits?

1
ᏤⵁŁ₮ƦⵁИł€  

@loboholic
Credential breach notification service.

If one has happened, I've never heard about any mitigation systems.

1
𝗟𝗼𝗯𝗼𝗵𝗼𝗹𝗶𝗰³³°¹  

@voltronic Of course HIBP has been around forever, is free and has an API that can be integrated into various tools. But you get what you pay for. Paid products like SpyCloud offer far superior quality records and actual remediation of exposed passwords.

0
Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.

Resources

Developers

What is CounterSocial?

Created by potrace 1.15, written by Peter Selinger 2001-2017

counter.social

More…