• AngryishHumanoid@reddthat.com
    link
    fedilink
    English
    arrow-up
    14
    ·
    2 months ago

    It’s likely that HIS credentials were revoked, but anyone in IT will tell you there many systems which are accessed by a shared direct username/password login, and yes while that should be changed when needed a much easier solution would be to lock those apps/sites behind a VPN which is much easier to revoke access to.

    • Fosheze@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      2 months ago

      Exactly. Nothing with shared credentials should be directly accessible to someone off site to begin with. Either way things went down they have a security hole you could fly a blimp through. Either they aren’t revoking credentials properly or they have eternally facing systems using shared credentials.