More than a fifth of the passwords protecting network accounts at the US Department of the Interior—including Password1234, Password1234!, and ChangeItN0w!—were weak enough to be cracked using standard methods, a recently published security audit of the agency found. The audit was performed by the department’s inspector general, which obtained cryptographic hashes for 85,944 … [Read more...]