The Snowball Effect of 123

The Snowball Effect of 123

Snow ballRecently, we have had a rush of folks whose techs feel that user and user123 is an adequately secure set of credentials. I assure you my friends, it is not! But Carlos who cares it’s just a pop3 mailbox!? If it wasn’t part of the scope of my branch at ExchangeDefender, I’d probably think the same way.

However, accounts deployed with the old user123 or even better ‘password’ passwords are a huge problem. So here’s the chain of events in a worst case scenario.

1. Account is deployed with terrible password.

2. Account gets cracked

3. Account starts SPAMMING

4. Server gets listed on RBL

5. Mailflow is now affected.

Now generally we catch it between 2 & 3 and do a forced password change on the account which solves the issue. However, eventually that person will report to their provider that they can’t access their account and we pray that they read our notice and do not make the same insecure password, before we have to take more finite actions.

Therefore, please tell your team to avoid using such “temporary” passwords at all since they’re so easily left and forgotten.

Carlos Lascano
VP Support Services, ExchangeDefender
carlos@ownwebnow.com
(877) 546-0316 x737