NSA Snowden Leaks Show Why Passwords Should Be Strictly Protected
NEWS ANALYSIS: The National Security Agency could have at least limited the damage of Edward Snowden's leaks if it had strictly enforced password security.Pretty much everyone knows that passwords aren't supposed to be shared. Passwords exist to protect your information and your employer's information from being seen by people who shouldn't see it and could cause serious damage if they do access it. This is why you have a strong password on your banking information (you DO have a strong password on your bank account, don't you?) So how is it that Edward Snowden managed to get the passwords that gave him access to thousands of secret documents? According to a story from Reuters, Snowden did it in the easiest way possible. He asked for it. But of course there's more to it than that. What Snowden did was tell a couple dozen of his co-workers that he needed their passwords because he was a system administrator. Those co-workers, knowing that Snowden was fully cleared, figured it was safe, and gave him the passwords. Snowden used that trust to raid the NSA files of everything he could find.
Leaving aside the propriety of what Snowden did, the fact that he was able to get the information he did with other people's log-in information speaks volumes. Perhaps more important, it speaks those volumes directly to you and your employer.