Even Spies Have Password Management Problems

Catching up on some news from last week and I thought Tim Greene’s article in Network World was an interesting piece on the Russian spy ring story that is currently grabbing headlines. As Tim points out the spy ring was heavily reliant on technology to communicate, and in some cases even went to great lengths (multi-hop travel using numerous passports) to simply repair a laptop. At the same time, they were also plagued by the same IT issues we face: long support times, poor customer support, complex configurations and dealing with IT security.

Despite all the years of covert operations, some of the most incriminating pieces of evidence were obtained through one of the most common password management problems found in companies all over the world – the sticky note password. A pull-out from the article:

One of the most glaring errors made by one of the spy defendants was leaving an imposing 27-character password written on a piece of paper that law enforcement officers found while searching a suspect's home. They used the password to crack open a treasure trove of more than 100 text files containing covert messages used to further the investigation.

Think of the risk and high stakes involved with global espionage and it’s amazing that it was a common password snafu that unlocked piles of evidence to break the spy ring and which will be used by the Feds to build the case. Try taking a walk through your offices and you might be surprised what is lying around on sticky notes. While you may not be involved in something as high-stakes as espionage, this aspect of the spy ring story certainly serves as another reminder to get the password management problem locked down at your company.