Passwords are for AES-holes
Security is an illusion
Agentless Backup is Not a Myth
Something for the Weekend, Sir? When did you reach burnout? For me, it was spring 2009. Looking back, I did well to last as long as I did but the constant pressure of coming up with something new, again and again, became too much.
I'm not confessing to an emotional crisis, by the way. I'm talking about my ability to create new system logins that I can remember for longer than an afternoon. Today, about a third of my incoming emails have 'password reset' in the subject line.
'Oh god, not another bloody password to remember. One more and I'll fake my own death just to avoid the buggers'
Source: BBC/2 Entertain
My password fatigue came to a crunch while I was freelancing at a company that bullied its users into entering a unique login every time you wanted to do anything whatsoever on one of their computers. First up was a straightforward Active Directory login, which is fair enough, but this barely carried you beyond the company's intranet page.
Want to visit an external website? Another login. Check email? Another login - yes, even with AD. Run the core apps? Another login. Open the image library? Another login. Access the database? Another login. Browse the archive? Another login. Launch the production tool? By now, you know the answer.
If I was working remotely, I had to use yet another login to seek permission to enter any of the above logins, and it was particularly irritating because it insisted on asking me to enter this one twice. Those of you who know me: it's not the company you think it is, so keep guessing.
'I didn't get where I am today by not forcing my staff to log in 13 times to to start work'
Source: BBC/2 Entertain
Most of the company employees got around the problem by creating identical ID names and passwords for everything. The IT department responded to this challenge by forcing users to change their passwords every month. The ever-resourceful users quickly discovered that the automatic prompt was fixed to a 12-month cycle, so all they had to do when prompted to change their passwords was to spend a minute changing it 12 times and then choose their original password again.
Now I understand why computer security is important. I also understand why I should not use the same ID and password for all my bank accounts and credit cards. What I don't understand is why I would need 13 different logins at the same company simply to identify who I am.
COMMENTS
Pot... meet Kettle
Seriously Reg, how you can have the gall to publish an article criticising anyone else's login/password failings, is beyond me. Especially when your own website has about eleventy-billion completely pointless separate subdomains, all requiring individual logins –and there are Alzheimer's inflicted goldfish with better recall than your login cookie's "remember me.." option.
Title says it all.
[Had to login for about the fourth time today, to post this]
Re: In fact it is not
Okay, so how do they enter their strong password made up of numbers and letters and a limit set of non-alphanumeric characters in a field with masked input without typos?
Re: In fact it is not
"The point, for those thickos who've missed it (which is all of you so far!), is not that I don't know how to type accurately without being able to see what I'm doing -- I'm a sysadmin, of course I can do that. Users mostly can't."
And there's the elitism that our industry is famous for: IT pros are perfect; users are useless. Well, Aaron, fuck you. You're wrong, and you probably know it.
Show me a study. Show me numbers that prove sysadmins are better typists than average users, and I still won't believe you.
I deal with "users" on a daily basis, and the ones I know are better at typing than I am, and I'd have no problem with Correct Horse Battery Staple.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
