Melanie Ensign

May 2, 2018

When Your Employees Post Passwords Online

This post was originally published on this siteStoring passwords in plaintext online is never a good idea, but it’s remarkable how many companies have employees who are doing just that using online collaboration tools like Trello.com. Last week, KrebsOnSecurity notified a host of companies that employees were using Trello to share passwords for sensitive internal resources. Among those put at risk by such activity included an insurance firm, a state government agency and ride-hailing service Uber.com. By default, Trello boards for both enterprise and personal use are set to either private (requires a password to view the content) or team-visible […]