If Your Password Disappears, Look 4 it

If you enter a password into a login box and your password disappears, look for it!

I’m serious, because it happened again today. Not to me, but to my colleague.

I received a work email that provided instructions for logging into a new, internal website. I was not able to log in, and neither was my co-worker in the next cube.

So I replied to the sender, saying that neither I nor my bud were able to log in. Was something wrong with the URL or the website?

The email bounced around to several people and I was copied on all of them.

Finally, one of my colleagues a few rows away forwarded the email back to me, stating that she was able to log in fine, and that I should call the help desk.

And that’s when I saw it.

In the email, right where the website URL was shown, was my colleague’s user ID and password. She obviously had clicked the URL, opened the website, and then accidentally made the email window active again. She probably looked away and then typed her ID, hit the TAB key, and then her password.

When her eyes returned to the screen, she didn’t see the website, so she clicked over to her browser and saw the empty login screen. And entered her credentials again, made sure the website was ok, and then returned to the email.

She scrolled from the URL in the email, up to the top, and then typed, “Mack, the website is OK. I was able to log in. Must be you. Call the help desk,” and sent me the email, totally unaware of what she did.

Why do I need to call the help desk? I had her ID, her password, and I know it worked, right?

Just kidding.

But seriously, the next time you KNOW you typed your password, but it didn’t get entered on the login screen, please look for it. You probably typed it in another window.

Sometimes, when you type in the wrong place, no text is generated, but occasionally, it ends up elsewhere. So make sure you check all open windows to see where your password may have went.

Not too long ago, I was chatting with another auditor who accidentally typed her password into our chat session. Too many open windows have their disadvantages. My fellow auditor was more embarrassed by her weak password composition that the leak itself.

It happens. Just change your password real quick. And make sure you pick a decent one.

———————————–

I write about passwords often. You might also like:

Pathethic Password Help Pages

Randomly Generate Weak Passwords

Throw Password Rules Under the Bus?

Free Firewall Password (Just Ask)

Password, Password on the Wall

Pwd on the Wall 2

Library Checkout: Touch Screen, Lose Password

Quote of the Weak (Special Characters)

Quote of the Weak: Cloud & Passwords

Leave a comment

Filed under Security, Security Scout

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s