Reply to post: Outsourcing helps... the hackers

It's 2016 and idiots still use '123456' as their password

Red Bren

Outsourcing helps... the hackers

What about companies that outsource various non-core activities to third party suppliers? They invariably cut costs by doing everything online over the public internet. There's no chance of single-sign-on or public/private keys for authentication, just plain username and password. As there's a different third party site for each outsourced function, people will just reuse the same username/password combination for them all.

It doesn't matter if your IT security policies are watertight if you effectively give your entire password file to some tin pot site management company because it's deemed too expensive to create a secured extranet connection to report blown lightbulb.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019