I received a hilarious email posted to the security-basics mailing list this morning that I had to share:

I was in a bar in San Francisco where my English accent has a habit of stimulating conversation with total strangers, in this case it was with a webmaster (sadly not webmistress) of a dubious website hosted in Amsterdam (I don’t think I need to expand on the nature of the site;) I mentioned that I was passionate about Information Security, whereupon, he proceeded to tell me his root password, as he was so proud about how hard it would be to crack! If this was an isolated incident I wouldn’t mention it.

However, these instances are becoming ever more frequent, is it my trustworthy face or are others experiencing similar errors of judgement?

Special thanks to Andy Cuff, the originator of this email and CEO/Founder of The Taliskar Security Wizardry site, for making my day.