

We took Adobe to task for a lack of clarity in its breach notification.

Believe me, in my entire security career, which has spanned two decades, I have seen the same passwords used even by various device manufacturers and application makers as the defaults for root-level / admin-level accounts, in the hope that we humans will change them once we start using the product (which we don’t).

One month ago today, we wrote about Adobe’s giant data breach. As far as anyone knew, including Adobe, it affected about 3,000,000 customer records, which made it sound pretty bad right from the start. But worse was to come, as recent updates to the story bumped the number of affected customers to a whopping 38,000,000.

With different ethnicity, language, culture and relationships, but united in the cause of using crappy passwords! When will we learn? I am strongly saying the day will never come. Be it laziness or the importance of the target system, we tend to follow a similar pattern even for secure, protected, highly sensitive systems, because once a habit is formed it becomes routine and the human mind gets accustomed to it! After all, we are humans.


We (collectively), for some reason, cannot or do not want to follow the advice about using common passwords. Whatever the system, be it cryptography, perimeter security, application security, host security or what not, if one uses a crappy, easy-to-use password, it is a matter of nanoseconds before everything gets compromised. Humans are inevitably the weakest, weakest link in the security chain.

For a security researcher it would be an apple to analyze all the passwords; but even without the encryption key, using the password hints, there is a list of top used passwords (a really crappy list that we have been advised for ages to forgo), which still brings out the quirks of security. If one has been using the same password (which most do! :( ) across multiple sites, it is strongly advised to change the password as soon as possible, because it is only a matter of time before Adobe’s encryption keys are hacked. Think of a spammer who can get hold of such data. Though nothing much can be done about the exposed emails, it is advised to change the password of the Adobe IDs to something more secure and not used across any other sites.

To be exact, the number is 153,989,523 email addresses! That’s right! It is ~154 million user IDs! While the media has been abuzz about the Adobe data leak, the figure is a staggering 153.9 million user IDs.
