Colorado Agency ‘Improperly’ Posted Passwords for Its Election System Online

pulse_of_truth·Pulse of TruthbyResident Pulser

Colorado Agency ‘Improperly’ Posted Passwords for Its Election System Online

The Department of State said that the mistaken disclosure of the passwords do not pose an immediate threat to the upcoming election.

https://gizmodo.com/colorado-agency-improperly-posted-passwords-for-its-election-system-online-2000518572Open link View original on infosec.pub

Comments5

BrightHalo

lemmy.world

Is there a proper way to post your passwords online?

viking reply

infosec.pub

Lemmy obscures passwords automatically. See: **************!

fubarx reply

lemmy.ml

Only if your Lemmy server's configured to redact passwords. A lot of them don't. For example: ******************

ericjmorey

programming.dev

For months, the agency “improperly” hosted a publicly available spreadsheet on its website that included a hidden tab with partial passwords for its voting machines.

In its statement, the Department of State said that there are two unique passwords for each of its voting machines, which are stored in separate places. Additionally, the passwords can only be used by a person who is physically operating the system and voting machines are stored in secure areas that require ID badges to access and are under 24/7 video surveillance.

Colorado voters use paper ballots, ensuring that a physical paper trail that can be used to verify results tabulated electronically.

ericjmorey reply

programming.dev

I have no idea why improperly is in quotes. Maybe it's this reporter's and editor's version of saying that it's allegedly improper?