Forgot your password?

Close
typodupeerror
Security

+ - My IT department wants you to hack my account 1

Submitted by Anonymous Coward
An anonymous reader writes "I work for a publicly traded company. When I submit tickets to helpdesk, they reply with an automated response which has a link to the ticket. Nothing special there, right? The only thing is, it is a plain http: link, leading to a page that immediately asks for my password. If I add an s after the http, there is not even a listener there. So the only way I can access that page is to send my password in the clear. That server is geographically distant, so I am pretty sure I would be sending my password in the clear over the internet. (And even if it is fully intranet-based, isn't this still a pretty big risk?) Again, it is my IT department which is sending this link. This is not the first company where I have seen this. So I am starting to think that the easiest way for a hacker to compromise a company is actually provided as a service by that company's IT department. How common is this, and how can it possibly be happening? More generally, how safe is my personal data that I provide to corporations, when they may be so astoundingly easy to compromise?"
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

My IT department wants you to hack my account More

My IT department wants you to hack my account

Comments Filter:

YOW!! The land of the rising SONY!!

Close