Election passwords accidentally posted online for months in blue state

Confidential passwords to voting systems were inadvertently posted on the Colorado secretary of state’s public website for months before being removed. Despite this, officials maintained this leak is “not a security threat” to elections.

The passwords were publicly visible on a spreadsheet posted to the website with a hidden tab that included over 600 partial passwords to Colorado’s voting systems in 63 of Colorado’s 64 counties. The passwords were “discreetly” removed from the website on Thursday after being listed since at least August, according to a press release from the Republican Party of Colorado.

‘At best, even if the passwords were outdated, it represents significant incompetence and negligence, and it raises huge questions about password management and other basic security protocols at the highest levels within Griswold’s office.’

“To be very clear, we do not see this as a full security threat to the state. This is not a security threat,” Democratic Secretary of State Jena Griswold told KUSA. “There are two passwords to get into any voting component, along with physical access. We have layers of security and, out of just an abundance of caution, have staff in the field changing passwords, looking at access logs, and looking at the entire situation and continuing our investigation.”

“We hear all the time in Colorado from Secretary Griswold and Governor Polis that we represent the ‘gold standard’ for election integrity, a model for the nation,” Dave Williams, chairman of the Republican Party of Colorado, said in a statement. “One can only hope that by the secretary posting our most sensitive passwords online to the world dispels that myth.”

This is not the first time Colorado has faced scrutiny over security lapses and election integrity. Under Griswold’s purview, 30,000 noncitizens in Colorado mistakenly received voter registration mail in 2022. Despite past and present hiccups, Griswold and Colorado officials maintain that their elections are airtight.

“It’s shocking, really,” Williams said in the press release. “At best, even if the passwords were outdated, it represents significant incompetence and negligence, and it raises huge questions about password management and other basic security protocols at the highest levels within Griswold’s office.

“This type of security breach could have far-reaching implications, putting the entire Colorado election results for the vast majority of races, including the tabulation of the presidential race in Colorado, in jeopardy unless all of the machines can meet the standards of a ‘trusted build’ before next Tuesday,” Williams continued.

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!

Leave a Reply

Your email address will not be published. Required fields are marked *