Zack Whittaker reports:
A government watchdog has published a scathing rebuke of the Department of the Interior’s cybersecurity posture, finding it was able to crack thousands of employee user accounts because the department’s security policies allow easily guessable passwords like
'Password1234'.The report by the Office of the Inspector General for the Department of the Interior, tasked with oversight of the U.S. executive agency that manages the country’s federal land, national parks and a budget of billions of dollars, said that the department’s reliance on passwords as the sole way of protecting some of its most important systems and employees’ user accounts has bucked nearly two decades of the government’s own cybersecurity guidance of mandating stronger two-factor authentication.
Read more at TechCrunch.