Internal Logon Credentials

Today I went into town to a large retailer to order a gift for the wife.
Due to a couple of date issues and unknown factors I thought that it would have been the easiest option, rather than going online to do it myself – which is the way I tend to do things.

So, I’m at the counter wanting to place my order, where the female assistant was trying to log on to the computer. The normal explanations as to why she can’t log on are given, `it’s a bit slow this morning` and `my log on doesn’t seem to work`. She then went off to get someone to log on for her.

She came back and put a piece of paper on the counter and said `I’ll try these`. She then proceeded to log in while looking at what was written on it. I looked down at it and could see that someone had written a username and password on it!

Unbelievable to think that someone would not only give someone else their log in details, but they would also write then down (without encrypting them) and then show then to someone outside of the organisation they worked for.

I chose not to make a mental note of the details and then try them on an internet portal (no idea if there was one) while using the TOR network!

It amazes me what some people will do, given all the things that they must of been told by their employer and given common sense with security?!