Rolling hot off the heels of World Password Day (groan), every May 2 we hacks generally receive hundreds of emails from PR companies repping their respective infosec pros, all espousing their expert opinions on how to create an "iron-clad" or "military-grade" password, or something equally cringey.

We didn't write anything about it because, quite frankly, it's all a bit dull. We know what is and isn't a good password - national security agencies tend to all agree with one another to a certain extent and anyone with an iota of cyber literacy knows the good from the bad and the downright terrible. There's no "password123" nonsense here at Vulture Central.

However, according to a Xeet from the UK Daily Mail's political editor, Jason Groves, journalists attending the headquarters of the UK's National Cyber Security Centre (NCSC) on Thursday were told some information that appeared to fly in the face of conventional password hygiene.

The NCSC still stands by its password guidance of creating a string out of three random words, an idea it may or may not have swiped from our readers, but it doesn't appear to have been in use when reporters attended the NCSC where foreign secretary David Cameron was delivering an address.

Groves said reporters were told the security code for the doors at the UK's cybersecurity agency was - drum roll please - 1234.

Sounding way too funny to be true, we caught up with Groves who confirmed to us that the Xeet wasn't a joke as it initially seemed at first glance. Reporters were told the code on arrival and then the head of events blasted it out loud from a stage later on.

We've since been made aware that these passcodes were only temporary and wouldn't have allowed access to any of the really interesting rooms in Nova South where the serious action goes down (boring). 

Regardless, it still gave the vultures something to cackle and crow about on a Friday morning, and weren't the only ones.

Responding to Groves on X, someone asked "is the WiFi password password?" Another said: "No doubt someone will randomly try 1234, and be told that they 'hacked' their way in." ®

https://www.theregister.com//2024/05/10/ncsc_entry_code/