[Cialug] Password Resets
Dave Hala
dave at 58ghz.net
Tue Jun 29 15:47:57 UTC 2021
Sounds like some type of biometric authentication might be a better option
for you.
On Tue, Jun 29, 2021 at 10:41 AM Brett Neese <brneese at brneese.com> wrote:
> My password is the standard "a bunch of random words strung together with a
> delimiter," but the keyboard on my work laptop (which I hardly ever use) is
> terrible, so I've been known to enter it incorrectly far more than 6 times
> in a row. I would definitely be fired from Justin's company.
>
> Brett Neese
> 563-210-3459
>
>
>
> On Mon, Jun 28, 2021 at 4:46 PM jim kraai <jimgkraai at gmail.com> wrote:
>
> > https://media.giphy.com/media/NFl9JyJQANdGE/giphy.gif
> >
> > On Sun, Jun 27, 2021 at 11:21 PM Justin Richeson <neomatrixjr at gmail.com>
> > wrote:
> >
> > > Do not give the user a password...for giving the user a password gives
> > them
> > > the opportunity to f__k it up 6 times and lock out again. Instead,
> > invest
> > > your many hours of password resets into creating a secure password
> reset
> > > system...and teach users to fix their own f__k-ups.
> > > Then, convince your company to fire anyone that resets their passwords
> > more
> > > than twice in any given day more than 3 times...'cause that person
> ain't
> > > smart enough for office work.
> > >
> > > On Fri, Jun 25, 2021 at 8:41 AM kristau <kristau at protonmail.com>
> wrote:
> > >
> > > > I feel for you, sir!
> > > >
> > > > I especially enjoyed the "tried every different combination" part.
> > Phil,
> > > > every different combination of that exact string is a set of 1. I
> just
> > > > about sprayed coffee over my keyboard.
> > > >
> > > > Thanks!
> > > > kristau
> > > >
> > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> > > >
> > > > On Thursday, June 24th, 2021 at 9:43 AM, Todd Walton <
> > tdwalton at gmail.com
> > > >
> > > > wrote:
> > > >
> > > > > No matter how hard a person tries, he or she is never going to
> escape
> > > > >
> > > > > users... they're always there... lurking around the next corner...
> > > ready
> > > > >
> > > > > to launch upon the unsuspecting IT person such offenses as "the
> > > password
> > > > >
> > > > > reset". Let's call my attacker Phil.
> > > > >
> > > > > An IM transcript:
> > > > >
> > > > > 14:46 Phil: That password "password" is not working
> > > > >
> > > > > 14:47 Phil: Wait. It worked!
> > > > >
> > > > > 14:49 Phil: tried every differnet combination and no luck
> > > > >
> > > > > 14:51 Me: Every different combination of what?
> > > > >
> > > > > 14:51 Me: Your password worked? Or didn't work?
> > > > >
> > > > > 14:52 Phil: password
> > > > >
> > > > > Phil, that isn't even English syntax. You gotta help me out,
> buddy. I
> > > > >
> > > > > literally set your password to "password" and told you that's what
> it
> > > > was.
> > > > >
> > > > > All you gotta do is type "password". You could even cut and paste
> the
> > > > >
> > > > > actual word into the password field.
> > > > >
> > > > > I like the customer support aspect of my job. I like creating
> > satisfied
> > > > >
> > > > > customers. I know it's a little dorky, but I cheered when Tron said
> > "I
> > > > >
> > > > > fight for the user!" But people like Phil really test the limits. I
> > > spent
> > > > >
> > > > > an hour on this password reset. I'm not help desk. Resetting
> > passwords
> > > > >
> > > > > isn't my primary reason for being employed. Oy, the literal
> headache.
> > > > >
> > > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> > > > >
> > > > > Todd
> > > > >
> > > > > Cialug mailing list
> > > > >
> > > > > Cialug at cialug.org
> > > > >
> > > > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > > > _______________________________________________
> > > > Cialug mailing list
> > > > Cialug at cialug.org
> > > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > > >
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>
--
NIFCAP -The Premier Client Intake System for Non-Profit Organizations.
https://www.osis.us
More information about the Cialug
mailing list