Colorado voting system passwords were posted to secretary of state’s website
Passwords to certain components of Colorado’s voting system were posted publicly on the Colorado Secretary of State’s Office website under a hidden tab of a spreadsheet, according to a discovery made Tuesday.
Discovery of the posted passwords was shared on Tuesday in a mass email from Colorado Republican Party Vice Chair Hope Scheppelman. The mass email, Denver’s 9NEWS reported, included an affidavit from a person, whose name was redacted, who claimed they’d downloaded the spreadsheet file from the website and discovered the hidden tab by simply clicking “unhide.”
The passwords included in the hidden tab were used to configure voting machine system settings, 9NEWS reported, and make up one part of the security process for Colorado’s voting machines.
Colorado Secretary of State Jena Griswold told 9NEWS on Tuesday that the spreadsheet containing the passwords had been on the office’s website for several months, and that she was only made aware of the error this week before taking it down.
In a statement on Tuesday, Griswold’s office said the discovery “does not pose an immediate security threat to Colorado’s elections, nor will it impact how ballots are counted.”
The office shared information about how the passwords factor into its election security measures, including that voting equipment is stored under lock and key, only accessible to those with the correct credentials, and that each voting system component has a “strict chain of command.”
“Colorado elections include many layers of security. There are two unique passwords for every election equipment component, which are kept in separate places and held by different parties. Passwords can only be used with physical in-person access to a voting system,” the statement read.
The office said it took immediate action after the discovery, which included informing the Cybersecurity and Infrastructure Security Agency, which monitors and protects Denver’s essential security infrastructure.
“The Department is working to remedy this situation where necessary,” the statement continued.
