Article 638YZ Classic WTF: Security By Oblivity

Classic WTF: Security By Oblivity

by
Alex Papadimoulis
from The Daily WTF on (#638YZ)
It's a holiday in the US, so once again, it's time to reach back into the archives. Two-Factor Authentication is pretty standard these days, but once upon a time, it felt far more cumbersome to use. This story from 2006 highlights some... unique solutions to the problem. Original --Remy

Laptops are blessing for many corporate workers: never before has it been so easy to bring work home and neglect one's family to get in a few extra hours of unpaid overtime. As eager as employees are to do this, the mean ole' folks in IT Security are not. They cite all these news stories about sensitive data being lost as a result of laptops and remote access, and say it's just not safe to bring the company work home.

Thankfully, the IT Security director at MK's company (a fairly large banking institution) knows that the ability to conveniently work remotely is much more important than working securely. Shortly after some mean ole' regulatory agency mandated that remote access is secured with a VPN that requires typing in a constantly changing passcode from a physical token, the director had just the solution for everyone ...

Hey All,

I know there have been a lot of complaints about the new RSA tokens that we've issued, in that it's a bit of an inconvenience to carry your laptop AND an RSA token on your key ring. Here's a solution that will help you keep them together.

Get a bigger key ring (we've got a handful, first come first serve) and put the token on the key ring using the small diameter ring on the token. Insert the laptop's power cord through ring, make a half hitch loop on the cord, fastening the bigger ring to the cord. Here's a (blurry) picture to give you an idea:

rsakey.jpg

Regards,
Thomas J-----
IT Security

It was the perfect addition to the name and passwords that manylaptop users had taped to the top of their screen. And just as secure.

proget-icon.png [Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.
External Content
Source RSS or Atom Feed
Feed Location http://syndication.thedailywtf.com/TheDailyWtf
Feed Title The Daily WTF
Feed Link http://thedailywtf.com/
Reply 0 comments