Arizona government office learns lesson in password manager strategy
Employees from the Arizona Department of Public Safety recently became the stars of a cautionary tale on the dangers of weak password manager strategies.
According to NextGov, the state agency was just one of many organizations affected by the recent data breach of security intelligence firm Stratfor. Over Christmas weekend, members of the cybercriminal ring known as Anonymous infiltrated Stratfor's servers and obtained sensitive data from customer accounts. However, emerging details suggest that more informed password manager strategies could have kept DPS employees off the list of victims.
Police spokesman Carrick Cook told the news source that Anonymous was able to gain access to government databases by stealing and reusing the passwords of officers' personal email accounts.
The agency has recognized its mistakes and now prohibits employees from using personal passwords as login credentials for their work stations. But although much of the resultant damage has already been done, Cook has advised current and future cybercrime victims to learn from his department's mistakes.
Although generating unique credentials for all personal and work-related accounts can be a hassle, the inconvenience pales in comparison to the consequences of identity theft. There are also a number of simple - and even free - password organizer tools to handle the bulk of the burden.