UK Politician's Campaign Staff Tweets Out Picture Of Login And Password To Phones During Campaign Phone Jam
from the p@ssw0rd! dept
When we talk password security here at Techdirt, those conversations tend to revolve around stories a bit above and beyond the old "people don't use strong enough passwords" trope. While that certainly is the case, we tend to talk more about how major corporations aren't able to learn their lessons about storing customer passwords in plain text, or about how major media outlets are occasionally dumb enough to ask readers to submit their own passwords in an unsecure fashion.
But for the truly silly, we obviously need to travel away from the world of private corporations and directly into the world of politicians, who often times are tasked with legislating on matters of data security and privacy, but who cannot help but show their own ineptness on the matter themselves. Take Owen Smith, for example. Smith is currently attempting to become the head of the UK's Labour Party, with his campaign working the phones as one would expect. And, because this is the age of social media engagement, one of his campaign staffers tweeted out the following photo of the crew hard at work.
The image is such that the problem may not jump out at you. Hopefully one of the many internet-ers that tweeted a response to the campaign will help.
Owen Smith's team have the absolute cheek to accuse @jeremycorbyn of "incompetence" the day after this! pic.twitter.com/ZUydXlLdxr
— Another Angry Voice (@Angry_Voice) September 5, 2016
Yes, a staffer for the campaign managed to tweet out the full login and password to the phone banks for the campaign's phone jam. That password was also declared weak by the same internet that had managed to suss it out from the photo as well, leading some to complain that politicians that cannot bother to run organizations that adhere to basic security practices shouldn't be trusted to legislate on those matters in government.
The tweet has since been deleted and the credentials altered, but password security practices probably start with a first step of: don't send out your l/p to the entire known internet-connected world.
Filed Under: cybersecurity, owen smith, passwords, security, uk