UK Politician's Campaign Staff Tweets Out Picture Of Login And Password To Phones During Campaign Phone Jam

from the p@ssw0rd! dept

When we talk password security here at Techdirt, those conversations tend to revolve around stories a bit above and beyond the old "people don't use strong enough passwords" trope. While that certainly is the case, we tend to talk more about how major corporations aren't able to learn their lessons about storing customer passwords in plain text, or about how major media outlets are occasionally dumb enough to ask readers to submit their own passwords in an unsecure fashion.

But for the truly silly, we obviously need to travel away from the world of private corporations and directly into the world of politicians, who often times are tasked with legislating on matters of data security and privacy, but who cannot help but show their own ineptness on the matter themselves. Take Owen Smith, for example. Smith is currently attempting to become the head of the UK's Labour Party, with his campaign working the phones as one would expect. And, because this is the age of social media engagement, one of his campaign staffers tweeted out the following photo of the crew hard at work.


The image is such that the problem may not jump out at you. Hopefully one of the many internet-ers that tweeted a response to the campaign will help.


Yes, a staffer for the campaign managed to tweet out the full login and password to the phone banks for the campaign's phone jam. That password was also declared weak by the same internet that had managed to suss it out from the photo as well, leading some to complain that politicians that cannot bother to run organizations that adhere to basic security practices shouldn't be trusted to legislate on those matters in government.

The tweet has since been deleted and the credentials altered, but password security practices probably start with a first step of: don't send out your l/p to the entire known internet-connected world.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Michael, 12 Sep 2016 @ 4:25am

    Let's not forget to mention that it's also a good security policy to not write passwords on a whiteboard and share them with a bunch of people.

    Even without the tweet, this guy is a twit.

    reply to this | link to this | view in chronology ]

  • identicon
    Capt ICE Enforcer, 12 Sep 2016 @ 5:08am

    Obviously this was a Russian ISIS informant trying to overthrow the government. They should be arrested. And the military should liberate or invade the country...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Sep 2016 @ 5:10am

    CFAA Violations for anyone who saw that tweet. You are all criminals! Go to jail!

    reply to this | link to this | view in chronology ]

  • identicon
    Capt ICE Enforcer, 12 Sep 2016 @ 5:19am

    Add this

    Let's not forget that the intentional deletion of the tweet is tampering of evidence which proves they knew they were breaking the law.

    reply to this | link to this | view in chronology ]

  • icon
    Hankster (profile), 12 Sep 2016 @ 5:27am

    All whiteboards should be automatically encrypted as you write. Then only those those that are wearing the super secret decrypting glasses could read it.

    reply to this | link to this | view in chronology ]

  • identicon
    Capt ICE Enforcer, 12 Sep 2016 @ 6:01am

    Key

    Ahh, that explains why I can read it using my government computer. But not my personal computer.. I have the golden key which means only I being a good person can see it.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Sep 2016 @ 6:43am

    > The tweet has since been deleted and the credentials altered

    Yes, but who altered them? Smith's campaign group would like to talk to them.

    reply to this | link to this | view in chronology ]

  • identicon
    I.T. Guy, 12 Sep 2016 @ 7:42am

    No worries... they changed the login to Password\Pa$$w0rd.

    Its safe now.

    reply to this | link to this | view in chronology ]

  • identicon
    Skeeter, 12 Sep 2016 @ 10:35am

    Just - wow

    Seriously, I see the picture here. I can't make it out clearly, so I save a copy to my desktop (wanting to see this 'disclosing' image). On a 32-inch monitor, I try to make out what is said at: password: x&*^%%m and just can't get there.

    To this, it SUPREMELY BEGS THE QUESTION, why are people using image enhancers, blowing up images 32x, and so-forth just to see 'what gory, juicy details are REALLY in the picture?'

    I mean, if you have Bill, Hillary, Donald and Barack all laughing together at a black-tie event, I get 'tearing a picture down' to find 'hints' about what's 'really going on', but being as this mp isn't exactly the Prime Minister, I'm not really getting the significance of this 'password crack' to begin with.

    Obviously, the citizens of the UK need more entertainment, more hobbies, or may just more employment - so they aren't tearing insignificant politicians' press photos apart? Just an idea.

    reply to this | link to this | view in chronology ]

    • icon
      Hankster (profile), 12 Sep 2016 @ 1:03pm

      Re: Just - wow

      Ummmmm, yes, why did YOU do that?

      reply to this | link to this | view in chronology ]

    • icon
      JoeCool (profile), 12 Sep 2016 @ 1:08pm

      Re: Just - wow

      Anytime the opposition posts pictures of plans on a whiteboard, you're naturally going to want to read them. They're GIVING you the info instead of needing to go to "extremes" to get the info.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 12 Sep 2016 @ 1:29pm

      Re: Just - wow

      Whenever someone posts a screenshot of their browser, I and many others will gravitate to seeing what their pinned bookmarks and tabs are titled. These types of things are almost beacons for "WE TOOK A PICTURE AND DIDN'T TAKE INTO ACCOUNT THAT MORE THAN JUST THE SUBJECT IS VISIBLE" and related face-eggs.

      reply to this | link to this | view in chronology ]

  • identicon
    Digitari, 12 Sep 2016 @ 1:24pm

    SMART

    the second guy to tame fire didn't scream as loud as the first.

    this is NOT the first time something like this has happened

    reply to this | link to this | view in chronology ]

  • identicon
    Alexander, 12 Sep 2016 @ 5:55pm

    Zero'th Law

    I think we just learned that the the Zero'th Law of Passwords is Do not publish your password on the Internet.

    Until now, we didn't think that had to be stated.

    reply to this | link to this | view in chronology ]

    • icon
      Eldakka (profile), 12 Sep 2016 @ 11:56pm

      Re: Zero'th Law

      Laws of Stupidity


      Law 0: Stupidity cannot be destroyed, only deflected.
      Law 1: Stupidity expands to fill the space available.
      Law 2: Stupidity flows from the more stupid to the less stupid.*
      Law 3: Too many laws for the stupid to count.


      *Because there is more of it, and it's armed with more clubs.

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.