[Noisebridge-discuss] A reason for having different passwords.

Norman pryankster at gmail.com
Wed Jun 5 17:09:56 UTC 2013


This is an example of why you should have a different, randomly 
generated, password for each site.

-----------
Recently Company A, a trucking dispatcher, setup a web based dispatch 
system.

Needing to remain competitive Company B setup one also, with a 
difference. Guessing that the truckers would use the same password on 
both systems they kept a record of the user names and passwords. After a 
while Company B started logging into Company A’s system as established 
truckers and accepted loads that would never be picked up.

In the following court case Company A won because they could prove that 
the bogus logins were coming from Company B.
-----------

I got is story from a recent security conference.

Norman


More information about the Noisebridge-discuss mailing list