Password security, defending the indefensible

Posted in Blog articles by Matt Hodges-Long on 04/12/2017

In trying to defend the credibility of one of her senior colleagues, MP Nadine Dorries admitted on Twitter that she routinely shares her passwords with staff and interns! Poor password security is one of the main causes of Cyber Breach. The importance of password security requires leadership from the highest level. Educating all IT users about the perils of weak and insecure passwords is a critical activity.

Nadine Dorries - password security

Password security breakdown

Twitter (quite rightly) went into meltdown over this admission of a serious breakdown in cyber security and password security.

Twitter meltdown - password security

Ms Dorries didn’t seem at all concerned about her mistake. Nor did she see the need to issue a statement to confirm this poor security practice had been stopped. Instead, she jumped back into the discussion to try and defend the indefensible.

Nadine Dorries - password security

As the situation escalated, MP colleagues thought it would be a good idea to jump in and help Ms Dorries dig an even deeper hole. #trolling

MPs - password security

Clearly there can never be an excuse for openly sharing passwords. Even more so when you are elected by the public to represent them as their Member of Parliament. As citizens we would hope and expect that our elected representatives are adequately trained. They should be aware of major threats to the security of their constituents. But, more importantly, they should demonstrate sufficient capacity to lead by (good) example.

At a recent industry conference, the Digital Minister Matt Hancock MP was discussing the upcoming GDPR. I posed this question to him: “when will the HMRC self service portal support secure passwords, as at present it does not accept special characters?” He responded by stating that: “Cyber Security is a top priority across the entire government.” Perhaps he might want to discuss this with his parliamentary colleagues?