Feeds

back to article Own goal as World Cup Wi-Fi passwords spilled in newspaper snap

The Wi-Fi SSID and password for the football World Cup's security centre were exposed – after a photograph of host nation Brazil's federal police brass inadvertently captured the creds written on a white board. The snap appeared in newspaper Correio Braziliense, and showed the head of international cooperation Luiz Cravo Dorea …

COMMENTS

This topic is closed for new posts.
Bronze badge
FAIL

How many users over the years...

Have written their password down and post-it note'd to the monitor - seems this trend is set to continue for ever, and advances with technology.

6
0
Bronze badge
Facepalm

Re: How many users over the years...

One of my brothers, who recently passed away, went on step better than Post-it Notes on ALL of his computers...he took the time and trouble to use a label maker to neatly create labels with every username and password he used online...and then affixed them to his computers.

When my other brother, a Sys Admin like myself, found this and showed me what he had done, we both were speechless.

0
0
Silver badge

Re: How many users over the years...

Sounds like a good idea.

You are trying to protect your online banking from a hacker on the other side of the world, not a family member looking over your shoulder. So a long complex password written down is better than a short memorable password that you never change.

9
1
Bronze badge
Stop

Re: How many users over the years...

> a long complex password written down is better...

Except that if you read your online banking terms and conditions you'll find that writing down your password in this way is forbidden, and you'll be liable for fraudulent losses should they occur.

I protect my passwords from family and friends, and expect them to protect theirs from me; there seems to be this weird idea floating around that F&F ought to be trusted, which IMHO undermines the correct mindset with respect to front-line security.

0
0

PSK?

This is why PSK is not suitable for anything other than guest, public or home wifi. Anything more serious should be using certificates with a proper crl in place.

5
0
Bronze badge
Facepalm

A shining example

showing that secured premises and cameras don't mix well.

But given the password quality, I wonder why they even bothered to set one in the first place.

4
0
Bronze badge
Thumb Down

Re: A shining example

"But given the password quality"

10 alphanumeric characters could even mean it's a 64-bit WEP key!

4
0
Silver badge

Even better though

Now we know how the World Cup creates its passwords ! <nameofcountry><year>.

A job well done for security, innit ?

4
0

b5a2112014

Tw4t5!

4
0
Silver badge
Facepalm

Cameras in a secure environment

First question : Why was a picure allowed to be taken within an environment dealing with security.

9
0
Bronze badge
FAIL

Re: Cameras in a secure environment

To demonstrate how high-tech and secure they are - except in this case it did exactly the opposite.

7
0
Anonymous Coward

Re: Cameras in a secure environment

Because, management, of a certain type. On the premises of a former employer who shall remain nameless, I once punched in the server room PIN, opened the door, and found myself face to face with the 'Health & Safety' Manager (who was inexplicably in possession of the PIN) along with two bods from an insurance company. He proceeded to complain that cables at the back of the rack were unsafe, and that one of the insurance bods had nearly tripped over them (more on this later...).

He appeared somewhat perplexed when I pointed out to him that entering the server room without authorisation or accompaniment by IT staff constituted gross misconduct. Not as perplexed as me when a) I discovered that the Insurance bloke had actually 'tripped over' several cables and in one fell swoop taken out a card payment system and b) we proceeded to take the blame for the downtime.

Unsurprisingly no action was taken against the 'H&S' Manager, or the person who gave him the PIN code for a restricted area. For a certain species of manager, policies are for the peasants, statutes for serfs; that picture is likely the result when such a person heads up a security operation.

31
0
Silver badge

Re: Cameras in a secure environment

I suppose that takes "Reverse Engineering" to a whole new level.

0
0
Bronze badge

Re: Cameras in a secure environment

I'd say given the nature of the World Cup, and the media attention surrounding it, the real question is:

What idiot in a security firm(!) thought it would be a good idea to make a billboard out of secured wi-fi credentials?

If you don't know there are going to be cameras absolutely everywhere at an international sporting event, you have no business trying to secure the event.

1
1
Facepalm

Oh b0110c5.

</enough said>

3
0
Bronze badge

Now we have to wonder how many people had successfully guessed the password before this picture became available......

2
0
Bronze badge
Coat

If I'd been asked to guess what the p/w to any Worldcup installation might be, that would have been the last I would think of. No one could be that stupid...........!

Err Well, apparently.......

0
0
Silver badge
Facepalm

Yeah, sure....

Yeah, sure you'd all have guessed that password(!)

0
0
LDS
Silver badge

Sure, setting up WPA2 Enterprise...

... is too much work for such poorly paid people and with so little resources... guess they spent the time scheduled to setup the RADIUS server playing football instead...

And moreover - shared password = no accountability...

0
0
WTF?

I Don't Get It

How does 5 represent R in 1337 speak?

1
0
Bronze badge

Re: I Don't Get It

It doesn't! That's the high-security feature in the password!

5
0

He looks about 300% done.

0
0
This topic is closed for new posts.