Not changing default passwords 'foolish'

2009-07-07

Not changing default passwords on all network devices is one of the stupidest mistakes network managers can make, it has been suggested.

Peter Tippett, vice-president of innovation and technology at Verizon Business, told Carolyn Duffy Marsan of Network World that he sees this failure to alter such default passwords every day, which could lead to an IT intrusion.

He explained that companies should run a vulnerability scanner against each device on their network with an IP address to avoid this problem and where default passwords are found they should be changed.

Sharing passwords on numerous servers is also inadvisable, even if it is a decent one as hackers able to get hold of the information will be able to use it to access multiple systems, Ms Marsan added.

"We're just not doing the basics," Mr Tippett explained, commenting on securing systems in general.

Chief technology officer for 41st Parameter Raz Yalov recently spoke to the Tech Herald about having passwords presented in clear text.

He claimed it would just be beneficial for malware using screen scraping to steal the classified information.

Read more security news.