Fridays Stupidity: Nevada Govenor posts his email username and password online. And its the name of his predecessor - that can't be secure. ~ Ask The Admin

Friday, July 20, 2007

Fridays Stupidity: Nevada Govenor posts his email username and password online. And its the name of his predecessor - that can't be secure.

First of all let me start off by saying there should be password security limitations in place for government officials - for the safety of all of us!

AskTheAdmin users know the importance of a good password. We never use dictionary words or proper names because they are easy to break. Now lets assume you are a high ranking official and you decide to use your predecessors first name and last initial as your email password. Now this is highly insecure but lets make it worse let publish it for all the world to see... Has anyone sent President Bush and Email from this clown resigning? It looks like he is being looked into for accepting bribes (edit: GIFTS). Here is the article...

Happy Friday hope it gives you a chuckle!

Nevada governor accidentally posts Outlook password

If you ever wanted to be Nevada's governor for a day, it doesn't seem to be that hard.

In what could be a whopping security hole, Nevada has posted the password to the gubernatorial e-mail account on its official state Web site. It appears in a Microsoft Word file giving step-by-step instructions on how aides should send out the governor's weekly e-mail updates, which has, as a second file shows, 13,105 subscribers.

Excerpt from Nevada's state government Web site: How to be the governor for a day. And we're sure he replies to all of his own e-mail as well.

The Outlook username is, by the way, "governor" and the password is "kennyc". We should note at this point that the former Nevada governor, a Republican, is Kenny C. Guinn, which hardly says much about password security.

The current governor of Nevada is Jim A. Gibbons, also a Republican, happens to be widely disliked. His approval rating of 28 percent accomplishes the rare feat of being below President Bush's. It doesn't help, we assume, that Gibbons is facing an FBI probe over possible illegal gifts.

For the record, we didn't try sending fake gubernatorial mail with the "kennyc" password (or "jimmya" either), so we don't know whether it actually works or whether it's been changed for the new administration. Although the listserv's administration interface is publicly-accessible, there might be a firewall that limits connections to the Outlook server, for all we know. Because other accidentally-public documents on the site continue to list the "kennyc" password, though, we wouldn't be surprised if the password remained the same.

We did, however, briefly consider that a message titled "Governor_eAlert_07.19.07: Why I am resigning in disgrace" or "Governor_eAlert_07.20.07: Why I am switching to the Libertarian Party," would be more interesting than the run-of-the-mill actual titles like Economic Development Funding Paying Immediate and Long-term Benefits...

We did try calling and e-mailing the press office on Friday morning but didn't hear back by our publication deadline. Maybe we would have had better luck if the e-mail inquiry had come from the governor himself...

Note: Reporters are, of course, only as good as their sources. A tip of the hat this time to a fellow who goes by the name of Don Malaria. [News.Com]