Welcome to WebmasterWorld Guest from 3.81.29.226

Forum Moderators: open

Security Weak Link, Humans

     
4:39 pm on Nov 6, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26456
votes: 1076


Site security is an issue for webmasters and users alike, but, when I was reading about a non-technical security issue, [webmasterworld.com] it reminded me that one of the weak links could be employees, either deliberately, or inadvertently revealing details to a bad actor. It can happen as a single record, or as a database.

I realize we shouldn't reveal our own tactics for preventing data being revealed, but it's worth a reminder to raise the bar to make it more difficult for accidental data release. Theft by an employee is entirely different, and i'm not sure how that can be prevented 100%.
7:55 pm on Nov 6, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:June 20, 2006
posts:2176
votes: 94


Intentional acts are a problem, but a small one.

The people logging in using http on public wi-fi or the passwords they use... one of the big hacks in the last year, the company used admin / admin as a user / pw combo... Users, in my experience, are the biggest threat to security.

If you use the same password in more than 1 place, you too, are part of the problem. :-) How are we going to enforce that? Hahaha!

I use long, random, unique passwords via login tool, and many login pages seemed designed to not welcome secure users like myself, they're unfriendly to pw tools like logmein and roboform. My gmail logins do this too, so I'm not talking about some small mom and pop firm. Secure users should be rewarded, insecure ones punished (or blocked from services). Our security is most often compromised by our fellow users and admins. Humans are def the weak link! :-)