Sysadmin figures out dating agency worker lied in his profile
I'm tall, handsome, ready to commit and don't know how to operate the ENTER key
On-Call Thank the Galactic Spirit it's Friday: your correspondent is beat! But not so beat I can't dip into the On-Call mailbag to dredge up another story in which your fellow Reg readers explain how they've rescued clients and colleagues from chronologically-inconvenient computational cock-ups.
This week, meet “Hal”, who tells us that he worked for an IT services company that did phone support and remote admin for small businesses. One of Hal's clients was a dating agency that was just starting to digitise its records, but still used paper forms during the client interview process so as not to intimidate clients.
Some data entry drones got the job of typing the data into a cheap PC that Hal set up in each of the agency's offices around Britain. The drones access a web application and mostly reported no hassles.
Except for one chap in one office.
Said chap said he couldn't log in, at all. Hal could see his PC online, so that wasn't the problem. Log files showed some failed log ins, with incorrect credentials to blame. So Hal reset the account credentials and let the agency know.
Which fixed nothing. Indeed, the next day Hal took a call from irate customer complaining the system didn't work and it wasn't even possible to log in.
This time Hal got to visit the site and, when he arrived, was able to use the credentials to log in just fine. He checked the keyboard for stuck keys, did an anti-virus scan just in case and could find no reason for the problem.
So Hal provided an even shorter and simpler username and password. The data entry person was then summoned to get about their business with Hal monitoring events in real time.
“I sat there watching the logs, and sure enough, the bad credentials entry popped up and then the phone rang,” Hal recalls. “I confirmed the user's name (five letters) and password (six characters) and got them to try logging in while I was on the phone.”
A series of tap...tap....tap...LOUDTAP sounds ensued and Hal quickly saw that bad credentials had been typed again. So Hal asked the user what he was doing.
"I'm typing my name, pressing enter, typing my password and pressing enter again!"
Hal quickly figured it out.
“He was staring at the keyboard during the whole login entry process, so didn't notice the error message the first time he pressed ENTER. And the second time he pressed ENTER press dismissed the error message.” Cue an endless loop of fail.
Hal reckons the chap may have fibbed a bit during the job application process, perhaps telling the company he knew more about computers than was really the case.
Which sounds like standard behaviour at a dating agency: doesn't everyone's file say they're slim, handsome, loving and only outsourcing relationship matters because they've got so much else going on in their lives?
But we digress: this is the bit of the column in which we ask you to share stories similar to Hal's. If you have one, click on this here hyperlink and send it to me. ®
Sponsored: Becoming a Pragmatic Security Leader