|
|
|
|
|
|
by davismwfl
3663 days ago
|
|
|
I agree you can't implement a strong password hash on some legacy systems and that replacing them is capital intensive which may not even be possible in some cases. However, that doesn't stop good security procedures to isolate those systems, add layers in front of them and minimize the attack vectors. Even the act of air gapping certain legacy systems is the right move, it at least minimizes the attack vectors, and can keep costs reasonable. So if the company cares about security there are ways to layer it in and provide a robust solution (albeit not necessarily ideal), but many times they just don't care enough to make it a priority. |
|
|