{"id":402,"date":"2012-05-14T15:47:14","date_gmt":"2012-05-14T20:47:14","guid":{"rendered":"http:\/\/www.exchangedefender.com\/blog\/2012\/05\/the-snowball-effect-of-123\/"},"modified":"2012-05-14T15:47:14","modified_gmt":"2012-05-14T20:47:14","slug":"the-snowball-effect-of-123","status":"publish","type":"post","link":"https:\/\/www.exchangedefender.com\/blog\/2012\/05\/the-snowball-effect-of-123\/","title":{"rendered":"The Snowball Effect of 123"},"content":{"rendered":"<p><a href=\"http:\/\/www.exchangedefender.com\/blog\/media\/The-Snow_E1F7\/snowball.jpg\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-right-width: 0px; margin: 0px 0px 0px 13px; padding-left: 0px; padding-right: 0px; display: inline; float: right; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px\" title=\"Snow ball\" border=\"0\" alt=\"Snow ball\" align=\"right\" src=\"http:\/\/www.exchangedefender.com\/blog\/media\/The-Snow_E1F7\/snowball_thumb.jpg\" width=\"285\" height=\"192\"><\/a>Recently, we have had a rush of folks whose techs feel that user and user123 is an adequately secure set of credentials. I assure you my friends, it is not! But Carlos who cares it\u2019s just a pop3 mailbox!? If it wasn\u2019t part of the scope of my branch at ExchangeDefender, I\u2019d probably think the same way.  <\/p>\n<p>However, accounts deployed with the old user123 or even better \u2018password\u2019 passwords are a huge problem. So here\u2019s the chain of events in a worst case scenario.  <\/p>\n<blockquote>\n<p>1. Account is deployed with terrible password.  <\/p>\n<p>2. Account gets cracked  <\/p>\n<p>3. Account starts SPAMMING  <\/p>\n<p>4. Server gets listed on RBL  <\/p>\n<p>5. Mailflow is now affected.<\/p>\n<\/blockquote>\n<p>Now generally we catch it between 2 &amp; 3 and do a forced password change on the account which solves the issue. However, eventually that person will report to their provider that they can\u2019t access their account and we pray that they read our notice and do not make the same insecure password, before we have to take more finite actions.  <\/p>\n<p>Therefore, please tell your team to avoid using such \u201ctemporary\u201d passwords at all since they\u2019re so easily left and forgotten.  <\/p>\n<p>Carlos Lascano<br \/>VP Support Services, ExchangeDefender<br \/><a href=\"mailto:carlos@ownwebnow.com\">carlos@ownwebnow.com<\/a><br \/>(877) 546-0316 x737  <\/p>\n","protected":false},"excerpt":{"rendered":"<p> [&hellip;]<\/p>\n","protected":false},"author":40,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-402","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts\/402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/comments?post=402"}],"version-history":[{"count":0,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/posts\/402\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/media?parent=402"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/categories?post=402"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.exchangedefender.com\/blog\/wp-json\/wp\/v2\/tags?post=402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}