YouTube player

A high school in Illinois recently demonstrated how not to do a force password reset. Oak Park and River Forest High School was doing a cybersecurity audit when they mistakenly reset everyone’s password. This prevented the students from being able to log into their Google account. To fix this, the High School decided to set all the students’ password to be Ch@ngeMe! That’s right, they changed all the students’ password to the same password, and they have around 3,000 students. They emailed the parents about the change and strongly suggested that their child update the password to their own unique password as soon as possible. This allowed access to other students which gave access to all emails, papers, class work and anything saved in the Google accounts, including documents and slides. The school realised their mistake the following day and rectified the issue.

This segment was created for the It’s 5:05 podcast