Please don't send login information over e-mail!
-
Okay, I'll admit, it was my bad. I wasn't thinking about it. I failed to strip companyname/companyname out of a log I was
sending. E-mail policy about sending login information is clearly all we have to protect our servers.
-
You store plaintext usernames and passwords in a log file?
-
You use companyname/companyname as username and password?
-
I have no idea what he's talking about...
-
Translation:
The OP emailed a log file, and was chastised for sending login information via email, as this is a violation of his company's security policy. The offending lines in the log file? Username: initech Password: initech. It's a shame he compromised such a secure password by sending it in email!
-
So... You have a "don't send logging information over e-mail" policy?
-
@Skybert said:
So... You have a "don't send logging information over e-mail" policy?
"Login" as in Username/password. Not "logging".
-
@merreborn said:
"Login" as in Username/password. Not "logging".
But since the logging information may include login information, the apparent solution is
to forbid sending of logging information.