UK Politician's Campaign Staff Tweets Out Picture Of Login And Password To Phones During Campaign Phone Jam

from the p@ssw0rd! dept

When we talk password security here at Techdirt, those conversations tend to revolve around stories a bit above and beyond the old "people don't use strong enough passwords" trope. While that certainly is the case, we tend to talk more about how major corporations aren't able to learn their lessons about storing customer passwords in plain text, or about how major media outlets are occasionally dumb enough to ask readers to submit their own passwords in an unsecure fashion.

But for the truly silly, we obviously need to travel away from the world of private corporations and directly into the world of politicians, who often times are tasked with legislating on matters of data security and privacy, but who cannot help but show their own ineptness on the matter themselves. Take Owen Smith, for example. Smith is currently attempting to become the head of the UK's Labour Party, with his campaign working the phones as one would expect. And, because this is the age of social media engagement, one of his campaign staffers tweeted out the following photo of the crew hard at work.


The image is such that the problem may not jump out at you. Hopefully one of the many internet-ers that tweeted a response to the campaign will help.


Yes, a staffer for the campaign managed to tweet out the full login and password to the phone banks for the campaign's phone jam. That password was also declared weak by the same internet that had managed to suss it out from the photo as well, leading some to complain that politicians that cannot bother to run organizations that adhere to basic security practices shouldn't be trusted to legislate on those matters in government.

The tweet has since been deleted and the credentials altered, but password security practices probably start with a first step of: don't send out your l/p to the entire known internet-connected world.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybersecurity, owen smith, passwords, security, uk


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Michael, 12 Sep 2016 @ 4:25am

    Let's not forget to mention that it's also a good security policy to not write passwords on a whiteboard and share them with a bunch of people.

    Even without the tweet, this guy is a twit.

    link to this | view in thread ]

  2. identicon
    Capt ICE Enforcer, 12 Sep 2016 @ 5:08am

    Obviously this was a Russian ISIS informant trying to overthrow the government. They should be arrested. And the military should liberate or invade the country...

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 12 Sep 2016 @ 5:10am

    CFAA Violations for anyone who saw that tweet. You are all criminals! Go to jail!

    link to this | view in thread ]

  4. identicon
    Capt ICE Enforcer, 12 Sep 2016 @ 5:19am

    Add this

    Let's not forget that the intentional deletion of the tweet is tampering of evidence which proves they knew they were breaking the law.

    link to this | view in thread ]

  5. icon
    Hankster (profile), 12 Sep 2016 @ 5:27am

    All whiteboards should be automatically encrypted as you write. Then only those those that are wearing the super secret decrypting glasses could read it.

    link to this | view in thread ]

  6. icon
    Oblate (profile), 12 Sep 2016 @ 5:52am

    Re:

    Any writing I put on a whiteboard is encrypted. That is if you listen to the complaints from those trying to read it...

    link to this | view in thread ]

  7. identicon
    Capt ICE Enforcer, 12 Sep 2016 @ 6:01am

    Key

    Ahh, that explains why I can read it using my government computer. But not my personal computer.. I have the golden key which means only I being a good person can see it.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 12 Sep 2016 @ 6:43am

    > The tweet has since been deleted and the credentials altered

    Yes, but who altered them? Smith's campaign group would like to talk to them.

    link to this | view in thread ]

  9. identicon
    I.T. Guy, 12 Sep 2016 @ 7:42am

    No worries... they changed the login to Password\Pa$$w0rd.

    Its safe now.

    link to this | view in thread ]

  10. identicon
    Skeeter, 12 Sep 2016 @ 10:35am

    Just - wow

    Seriously, I see the picture here. I can't make it out clearly, so I save a copy to my desktop (wanting to see this 'disclosing' image). On a 32-inch monitor, I try to make out what is said at: password: x&*^%%m and just can't get there.

    To this, it SUPREMELY BEGS THE QUESTION, why are people using image enhancers, blowing up images 32x, and so-forth just to see 'what gory, juicy details are REALLY in the picture?'

    I mean, if you have Bill, Hillary, Donald and Barack all laughing together at a black-tie event, I get 'tearing a picture down' to find 'hints' about what's 'really going on', but being as this mp isn't exactly the Prime Minister, I'm not really getting the significance of this 'password crack' to begin with.

    Obviously, the citizens of the UK need more entertainment, more hobbies, or may just more employment - so they aren't tearing insignificant politicians' press photos apart? Just an idea.

    link to this | view in thread ]

  11. icon
    Hankster (profile), 12 Sep 2016 @ 1:03pm

    Re: Just - wow

    Ummmmm, yes, why did YOU do that?

    link to this | view in thread ]

  12. icon
    JoeCool (profile), 12 Sep 2016 @ 1:08pm

    Re: Just - wow

    Anytime the opposition posts pictures of plans on a whiteboard, you're naturally going to want to read them. They're GIVING you the info instead of needing to go to "extremes" to get the info.

    link to this | view in thread ]

  13. identicon
    Digitari, 12 Sep 2016 @ 1:24pm

    SMART

    the second guy to tame fire didn't scream as loud as the first.

    this is NOT the first time something like this has happened

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 12 Sep 2016 @ 1:29pm

    Re: Just - wow

    Whenever someone posts a screenshot of their browser, I and many others will gravitate to seeing what their pinned bookmarks and tabs are titled. These types of things are almost beacons for "WE TOOK A PICTURE AND DIDN'T TAKE INTO ACCOUNT THAT MORE THAN JUST THE SUBJECT IS VISIBLE" and related face-eggs.

    link to this | view in thread ]

  15. identicon
    Alexander, 12 Sep 2016 @ 5:55pm

    Zero'th Law

    I think we just learned that the the Zero'th Law of Passwords is Do not publish your password on the Internet.

    Until now, we didn't think that had to be stated.

    link to this | view in thread ]

  16. icon
    Eldakka (profile), 12 Sep 2016 @ 11:56pm

    Re: Zero'th Law

    Laws of Stupidity


    Law 0: Stupidity cannot be destroyed, only deflected.
    Law 1: Stupidity expands to fill the space available.
    Law 2: Stupidity flows from the more stupid to the less stupid.*
    Law 3: Too many laws for the stupid to count.


    *Because there is more of it, and it's armed with more clubs.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.