03 May 2009 16:57 -
Sometimes you are just chatting on IRC and hear that some people still use passwords that appear
in quotes on IRC and are mentioned in various IRC channels. If you are fully aware of that,
you should of course not use that password for anything. Especially not for anything that can
be considered confidential.
The above points seem obvious, but to illustrate the effect this can have I will give an example:
Imagine you are the chairman of a well known hosting community providing virtual private servers. Lets
call this community '
zoloos'.
Further more, imagine that you use a password that has been mentioned in:
#linux.nl, #alcohol, #cafe and many other IRC channels as your
password. And to make things worse, even imagine that the password is
mentioned in quotes.
What will happen then? Well the following information may get publicly known:
- The personal information of all zoloos members.
- The confidential minutes of zoloos meetings.
- Passwords of various zoloos services. I.e. the zoloos cacti and zoloos zabbix.
- The configuration of the zoloos switch.
So please choose good passwords and change them regularly.
Thanks to
Hepp,
BugBlue and of course Cinder, who quickly locked the account.
