IMO - high, but let me explain... We were also under regulation. Annnnd we also had a giant target painted on our back at all times due to information that would be of immediate use to an attacker.
It all comes down to chain of trust. When it comes down to a root password, or any secret that's business-critical you want to minimize ANY sort of risk and that's just the right way to do business.
When I point my scraper at random.org I can see it talks to "ocsp.digicert.com", "ajax.googleapis.com", "ssl.google-analytics.com", and obv. "random.org" (wow that's actually pretty good =P)... those are now three separate entities that need trust because they all have the opportunity to see what was rendered on that page in plaintext, they have the opportunity to see what you selected, etc.
Then add to that, any browser plugin, the browser itself, etc etc. Then the "in plaintext over screenshare" issue - and you've got a lot of points where something, or someone could MiTM a plaintext password if they wanted/needed.
Generating a random password/secret by visiting a public site on the internet is stupid/silly with regards to actual security, and opens you up to attack vectors _for no real reason_. There are a TON of VERY QUICK/EASY ways to generate a very secure string for secret management that don't involve trusting a ton of third parties =|
In a "security culture conscious" SF tech company there should be no place for laziness/lack of care like that. IMO - dumb compromises like that are how you get caught with your pants down leaking a ton of PII.
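As an added example (not part of the comment above, and not the commenter's own code), here is one of the "quick/easy" local alternatives the post alludes to: generating a secret from the operating system's CSPRNG via Python's `secrets` module, so that no third party (the site, its CDN, its analytics, an OCSP responder, a browser plugin, or a screenshare viewer) ever sees it. The 94-symbol alphabet, the 32-character default length and the 128-bit target are assumptions chosen for illustration, not values from the post. The entropy helpers let you size the secret for a stated security level rather than guessing.

```python
import math
import secrets
import string

# Assumed alphabet (not from the original post): letters, digits and
# punctuation, i.e. printable ASCII minus whitespace, 94 distinct symbols.
DEFAULT_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a string whose characters are drawn uniformly and
    independently from an alphabet: length * log2(alphabet_size)."""
    if length <= 0 or alphabet_size <= 1:
        return 0.0
    return length * math.log2(alphabet_size)


def length_for_target_bits(target_bits: float, alphabet_size: int) -> int:
    """Smallest length whose uniform draw from the alphabet reaches target_bits.
    Example: 128 bits over 94 symbols needs 20 characters."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def generate_password(length: int = 32, alphabet: str = DEFAULT_ALPHABET) -> str:
    """Draw each character with secrets.choice, which uses os.urandom-backed
    randomness and rejection sampling, so there is no modulo bias."""
    if len(set(alphabet)) != len(alphabet):
        # Duplicate symbols would skew the distribution toward them.
        raise ValueError("alphabet must not contain duplicate symbols")
    if length <= 0:
        raise ValueError("length must be positive")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def generate_hex_secret(nbytes: int = 32) -> str:
    """Hex-encoded random bytes for machine-consumed secrets (API keys,
    HMAC keys, database passwords set by a provisioning script)."""
    return secrets.token_hex(nbytes)


if __name__ == "__main__":
    pw = generate_password()
    print(f"password ({len(pw)} chars, ~{entropy_bits(len(pw), len(DEFAULT_ALPHABET)):.0f} bits): {pw}")
    n = length_for_target_bits(128, len(DEFAULT_ALPHABET))
    print(f"characters needed for 128 bits over {len(DEFAULT_ALPHABET)} symbols: {n}")
    print(f"hex secret (256 bits): {generate_hex_secret(32)}")
```

Run it on the machine that will hold the secret and paste the result straight into the secret store; the value never transits a web page, a CDN script, or a screenshare. The same thing is achievable from a shell with `openssl rand -base64 32` or `head -c 32 /dev/urandom | base64`, which is why the post calls these options quick and easy.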