Modernizing Authentication — What It Takes to Transform Secure Access
Members of TeaMp0isoN recently published more than 1,000 e-mail addresses, user names and passwords for United Nations staff.
"It is still unknown what server has been breached, but judging by the prevalence of @undp.org email addresses, and the fact that a set of login credentials seems to belong to the administrator (who also has an @undp.org address), it is believed that it was that of the United Nations Development Programme (UNDP)," writes Help Net Security's Zeljka Zorz.
"If the dumped data did indeed come from a hacked server and is legitimate and accurate, it would seem that it wasn't encrypted and that there was no minimum mandated length requirement for passwords -- all practices that you wouldn't expect from an organization such as the UN," Zorz writes.
Go to "1000+ UN emails, usernames and passwords leaked" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.