"We've excised the text, but suffice it to say that the whiteboard contains usernames and passwords for system access. It's a change from a Post-it note stuck to the screen, but it's no less likely to make a security professional shriek in horror. After all, not only is the account exposed, but anyone can use it, which renders an access log somewhat redundant."
"Thankfully, passwords are on their way out. According to the UK's National Cyber Security Centre (NCSC), passkeys "solve the main security problems we have with passwords." The NCSC states they "are generated securely and so can't be guessed... can't be phished," and "are unique for each website you use, so if one website is compromised it doesn't put your other logins at risk." They are also unlikely to be found written on a whiteboard."
A whiteboard in a UK medical center displayed usernames and passwords for system access, leaving credentials visible to staff and visitors. The exposed credentials allow anyone to use the account and negate the usefulness of access logs. Staff warnings about the display were reportedly ignored despite requests to remove the information. NHS password guidance recommends avoiding single words, using randomness, and employing multiple random passwords while avoiding common passwords. The UK's National Cyber Security Centre recommends passkeys as secure replacements for passwords. Passkeys are generated securely, resist guessing and phishing, are unique per site, and reduce cross-site risk.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]