A Texas school district is learning the hard way about website security basics. If you’d like to keep your site from being compromised, the very least you can do is reset the default login. According to a post at Hackforums, the Round Rock Independent School District of Austin, TX was using the following name and password for its admin account. (h/t to Techdirt reader Vidiot)
hacked – idiots used default login/pass
Needless to say I’m not exactly world’s most qualified hacker, and if it were me on the delivering end of all of that, I figure it’d take me about a minute to gain access. Provided I was 1: doing it manually and 2: not trying very hard. I’m going to go out on a bit of a limb, here, and disprove the theory that you get what you paid for. Whatever the school district paid the folks what set up and apparently didn’t maintain the website, I’m making the offfer right here–not, you know, that I figure it’ll go anywhere, but hey. Take the amount that supposed third-party company brought in. Divide it by 2. Now, write me a check for that amount. Stick it in the mail. Upon receipt, I’ll hand you a website infinitely more secure/stable than that hot mess. No? Well, I tried. In the meantime, for the love of all things holely somebody please provide SharpSchool with a better selection of passwords. Because clearly, they’ve got approximately nothing.
2 responses to “Once more with feeling: Default passwords are bad. Not kidding.”
Not sure what happened, but this here post cuts off before I’m betting you were aiming for it to cut off. In the middle of a sentence, to be specific. You forget to close a tag or something?
That was me failing at basic HTML. A link that should have been, er, wasn’t. Fixed, now.