“Wow” is about all I can say to this article about the recent Sony hack.  Along with all the other data that was taken, it now appears that a large number of documents contained passwords to all kinds of things, from websites to documents to internal services, all listed in unencrypted files.  Under what security best practice do you store your passwords in plain text files on servers?

Now not every website or service supports 2FA, so you can’t just replace passwords completely, but come on!  Passwords stored en masse in plain text files?  Do we need to send in security experts to train Sony about security?  This isn’t the first hack to hit Sony, but it seems like they haven’t learned from their experience.

Security is a brutal business.  There is little forgiveness for mistakes, and it can be tough to know what to do.  GreenRADIUS can help provide simple, easy to use 2FA to help secure your systems.  With good 2FA, you can protect your access points and prevent a Sony hack on your systems.