Tweet
I can't count how many times I've been in this situation!
-
P.S. You've been Spanked! -
I have so many passwords at work that I can't remember them all. -
Not only do I have a ridiculous amount of passwords, the most annoyiung thin is when various services to log onto, even within ONE institution, have differing password policies.
Last time a tried to ordr non-standard software I was told I would no get it as it failed the standardisation policy. I asked them as of when they'd start standardising passwords. They were not amused.Join MURCs Distributed Computing effort for Rosetta@Home and help fight Alzheimers, Cancer, Mad Cow disease and rising oil prices.
[...]the pervading principle and abiding test of good breeding is the requirement of a substantial and patent waste of time. - VeblenComment
-
my work requires upper letter, lower letter, number and exactly 8 characters. the system remembers the past 12 passwords, and after the password has been changed it cannot be changed again for 2 days.“Inside every sane person there’s a madman struggling to get outâ€
–The Light Fantastic, Terry PratchettComment
-
Lol.
~~DUkeP~~Comment
-
With me it depends. Most remember at least 15 pws. Some require 6, some 8 as a minimum. Some will not allow one character to appear more than 2 times. Some require a cap, some don't.Join MURCs Distributed Computing effort for Rosetta@Home and help fight Alzheimers, Cancer, Mad Cow disease and rising oil prices.
[...]the pervading principle and abiding test of good breeding is the requirement of a substantial and patent waste of time. - VeblenComment
-
My bank now has a dynamic system that eliminates passwords. I put in my ID no., it comes back with a 6-figure number which I type in to a smart card calculator. This then comes up with an 8 character alphanumeric set which I type into the 'puter and I get through. The smart card has a unique encrypting algorithm. I calculate the odds of someone without the algorithm gaining access within the few seconds available is about 2.8 trillion:1. Because it's dynamic, it's immune to Trojan horses. Another bank I work with has a very weak system and works only with a 6 figure ID number and a static password of 8 alphanumeric characters. The only protection is that it forces a password change once every three months, but the IT guy told me that 1/3 of the clients change the password back to what it was 5 minutes after changing it
Brian (the devil incarnate)
Comment
-
Love too see people doing that at a cash till muggings would rocket.Comment
-
Right Mum, double click "My Computer"
Yes, with the mouse
Yes, left button
On the mouse Mum
Ok open up control panel
It's in the window you just opened
Ok sorry I'll slow down
Yes open it
Double click
Left button, Mum
LEFT BUTTON
ON THE MOUSE
No I'm not getting angry with you
Right click on "Add or remove programs"
That's left click
Ugh... close that window
No I didn't tell you to open it
Close the window
The little x in the corner
Not on the keyboard, on the screen mum
ON THE SCREEN, RIGHT THERE LOOK
Right now... NO DON'T CLOSE THE CONTROL PANEL!!
Ugh ok lets try again... double click "My Computer"...Last edited by EnglandJoe; 6 December 2004, 06:07.Comment
-
a) I'm talking about a civilised society, not one where everyone is paranoid about every form of criminality, as you appear to be to us at the other end of your keyboard.Originally posted by The PIT
Love too see people doing that at a cash till muggings would rocket.
b) the system I describe is for Internet banking, not to replace a PIN no. for a credit or debit card. I would have thought the context was obvious.Brian (the devil incarnate)
Comment
-
We had the security auditors in last week,
You login into the network with your network password, then type in your nt password, and then your finance pw to get into the finance system. You must have them all or you will be denied access.
Mees thinks the auditor will give this a black mark as its far to easy to get into the system.
-Once a auditor criticised our admin/superduper password because it was only 17 characters long, this was because it could be cracked with a bruite force method of entry, on explaining that the system locked the pw and workstation if this happened was just not good enough.
Ah security give me biometrics so I can show them the finger.
BreezerEverything I say is true apart from that which is notComment
-
Biometrics are insecure as long as you only test against one criterion (i.e. fingerprint only).
I read of a system once that could identify you by the way you type, and works with every ordinary keyboard, no cameras etc. It just notices the time it takes you between pressing keys, and it actually was very accurate and had very little false positives. This, together with a longer individual passphrase that has to be entered on the keyboard would provide a nice, secure, easy to use, brute force immune and non-intrusive way of identifying yourself.
AZComment
-
This is our PW screen.
the user names in this office start with TR (treasurer)
Note though, that their pw for the application is not the same as thier pw for the db.
The program does an MD5 hash on thier entered pw and some other stuff to come up with thier db pw.
Which winds up as a 32 char random looking string.
That way they can't log in to the db using other db tools.
Because they don't know thier "real" password.
ChuckLast edited by cjolley; 6 December 2004, 08:02.Chuck
秋音的爸爸
Comment
-
I can't even talk about our requirements for passwords or I'll have to leave the country.Comment
-
"They" would find you
Chuck
PS our situation is just the opposite.
everything we do is public record.
Sort of like open source.
Would you like an ER diagram or some internal code?Chuck
秋音的爸爸
Comment
Comment