Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

My IT department wants you to hack my account

Anonymous Coward writes | more than 2 years ago

Security 1

An anonymous reader writes "I work for a publicly traded company. When I submit tickets to helpdesk, they reply with an automated response which has a link to the ticket. Nothing special there, right? The only thing is, it is a plain http: link, leading to a page that immediately asks for my password. If I add an s after the http, there is not even a listener there. So the only way I can access that page is to send my password in the clear. That server is geographically distant, so I am pretty sure I would be sending my password in the clear over the internet. (And even if it is fully intranet-based, isn't this still a pretty big risk?) Again, it is my IT department which is sending this link. This is not the first company where I have seen this. So I am starting to think that the easiest way for a hacker to compromise a company is actually provided as a service by that company's IT department. How common is this, and how can it possibly be happening? More generally, how safe is my personal data that I provide to corporations, when they may be so astoundingly easy to compromise?"

cancel ×

1 comment

Sorry! There are no comments related to the filter you selected.

Could be worse (0)

Anonymous Coward | more than 2 years ago | (#40337317)

If they really wanted your account to get hacked, they could move the whole company to Gmail

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>