Need the opposite costume, the overly eager sys admin.
- wants to force password changes once a month for security
- constantly changing security policies to reflect the flavor of the month
- constantly sends out phishing emails tests, wonders why no one replies to any of his emails
My fucking uni is trying to move to passwordless, but you will always need a password to log onto any lab device, and to the wifi, so why?
I mean you don’t actually need a password for that when it’s implemented the right way
…implemented the right way
see
…you will always need a password
A website once complained my password contained 3 consecutive letters there were 1 away from each other. This was back when I used sentences for passwords. It was complaining about the word worst because of r-s-t.
That’s wack. Passphrases are second only to random passwords generated by a password generator in terms of security, character proximity doesn’t matter with that much length.
As someone in the InfoSec field, I also hate those people.
“What do you mean this password is too short? I use it for everything!”
“how many times do i have to tell you that your name + your birthday date js not a good password!”
“My files are highly confidential”
password is suburb+suburbpostcode
I used to have a lady I worked with who was like this. She had the common sense of a fucking carrot and was dumb as shit. What was weird is she was highly skilled in the one job she was hired for, the rest of the time she would click on everything and I would had to fix her computer multiple times a week. One time I tried to walk her thru something on the phone and I told her to click on an icon, her response was “Whats an icon?”
Clicks on everything or is too scared to click on anything and never learns how to use the software
- Installs antivirus on servers that wrecks application performance
- installs content filtering proxy that prevents developers from reading “hacking materials” like OWASP documentation
- won’t let developers install anything on their own machines without filing a ticket and waiting 6 weeks
- pushes unannounced antivirus updates that pop up OS security dialogs like “Netscan Antivirus would like to monitor all network traffic. Enter your password to approve”, and is surprised when users don’t enter their passwords.
Your corporate IT guy
We might work at the same company lmao. My laptop is borderline unusable due to all the monitoring garbage despite having really fast hardware
Sigh. Their hearts are in the right places…
Fuck my email is (first name)(last initial)(birthday and month)@gmail.com
Searches for things online by typing it as a post on social media instead of using a search engine as in: “Google what is the weather like today near me?”
Password expiration is no longer considered a best practice. FYI.
deleted by creator
expired
Oh really? How come?
I would imagine most users change their password by only 1 character, and maybe even in sequential order.
When time comes to change the password, it becomes password1234 instead of password123. Or password234. Something easy to remember, most users don’t care about best security practices, and changing to a similar password is very convenient. Especially if it’s “only” for work stuff
I bet he also picks up USB sticks from the parking lot and plugs them into his work computer.
Hey. Password123 is progress, right?