Cisco has managed even greater levels of security brouhaha today, with the news that its re-distribution of passwords for its customer portal is not going as smoothly as hoped.
After yesterday's security compromise customers have been scrambling to access new passwords but finding themselves part of an increasing traffic jam.
"Because of a large number of requests, registered Cisco.com users may experience delays in receiving the new passwords," said Andrew Phillips, PR manager, EMEA security and mobility at Cisco.
"The vulnerability in our search tool was brought to our attention by a third party security research organization. Cisco Systems is investigating the incident, and will work with outside agencies as appropriate."
According to media reports the backlog is millions and customers are getting increasingly frustrated.
Paul Simmonds, global information security director at ICI and member of industry lobbyists The Jericho Forum, said the breach should provide a wake up call for the industry.
"Obviously we need to remain vigilant," said Simmonds. "We need better solutions. Username and password just isn't enough any more. We need better, web-based authentication."
Cisco yesterday quietly notified customers of a breach with the following statement:
Dear Cisco Partner, I'd like to bring your attention to an issue that may cause minor inconvenience for customers and partners.
You may experience issues with your login to www.cisco.com.
You will be required to reset your password, please send an email to [email protected] from the same email address that is associated with your CCO userid. Within a few minutes you should receive a new working password back to that same email address.
Please note that when you send an email to [email protected] - the only requirement is that the email is sent from the same email address associated with your userid to receive the return email with the new password. Once this is received you should be able to reset your password to one of your own choosing.
It is possible that you are not impacted by this issue but I wanted to ensure you are aware of this in the event you have a problem logging into CCO today.