WOOPS!: Oak Park River Forest High School Changed Every Student’s Password . . . to Be the Same?!

I know cybersecurity is important, but it’s a hassle constantly changing passwords, and dealing with multi-factor authentication . . . cross-device verification . . . fingerprints . . . blood samples?!

Well, Oak Park and River Forest High School took a slightly different approach.  During a cybersecurity exercise a mistake was made that reset every users’ password. To correct that mistake, administrators changed all students’ passwords to THE SAME THING: “Ch@angme!” Then “strongly suggested” that all students change that to something unique, ASAP.

Of course the problem with that is every student could access anyone else’s account! That included emails, papers, and class work.  And some kids DID do that. Since each username follows a template, and all the passwords were the same, you can log into ANYONE’S ACCOUNT!

Eventualy, the school realized the goof and sent out “special password processes” unique to each account.

Fortunately, it doesn’t sound like there were any major problems . . . but a lot of parents were upset, since the school essentially locked out students, and invited hackers in.