Hey, a little #infosec pro tip today - do not send me your account password via Teams.
I know this is really in-depth and technical, and subtle techniques like this can be quite confusing for some users, but it's a good thing to keep in mind if you can.
After giving it some thought, I've broken this down into a step-by-step guide that might help.
1. Do not send me your password via Teams.
If your organisation uses a different messaging system, try this:
1. Do not send me your password.
@mike They could always post it on the password change list! /s
Humor, parody of all-too-many meetings
@mike I'm confused, can I get some clarification?
I understand that I can't use Teams, nor email, and not Slack. But what about non-messaging systems, like holding up a piece of paper with my password written on it in thick, black, bold letters while on an unprotected Zoom call?
Humor, parody of all-too-many meetings
@vertigo no, and just for the record - don't have your password tattooed on any part of your body either. No, not even there.
@mike I'm struggling with 1, so I just went ahead with 2...
@mike I make sure to always set my password to something defamatory so that our legal team has to manually go in and delete it from the logs