LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

Passwords and GDPR

  Quote
Guest
Chris Yates Created:   Apr 19, 2018 Last commented:   Apr 20, 2018

Passwords and GDPR

Hi - Would anybody know who would be liable in the following situation in relation to GDPR/Information Security? A software company provides a default password "MASTER" to clients for the master account of their systems. If someone gets in to the sites with this password and can then down load data, are we liable as we have not advised the client to change it? Or should we make the Master accounts password more complex before the site is handed over live each time? Thank you in advance.
0 0

Assign topic to the user

ISO 9001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 9001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
Chris Johnson Apr 20, 2018
It would be considered bad practice to use the same publicly available password for all deployments. As you've identified this as a risk if you do nothing then liability is certainly much more questionable and would probably fall on the experts (ie software developers) rather than the client. In many systems now an installation process will creates a random password and notify the user or won't proceed and complete until the user enters their own password.
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 19, 2018

Apr 20, 2018

Suggested Topics

brunostefanutti Created:   Feb 15, 2019 ISO 9001
Replies: 1
0 0

Extra Ue personal data

Guest user Created:   May 24, 2018 ISO 9001
Replies: 1
0 0

Project Plan

Guest user Created:   Sep 09, 2019 ISO 9001
Replies: 1
0 0

Record of Processing