|
A question came in. How do you make images work on a webpage. Just use a href K, thanks, hey take a look at my website, it's at C:/Users/.... gently caress. I'm just going to let it play out and hope she posts a link to that thinking everyone can see it and that she doesn't need hosting of some kind. 
|
#
?
Feb 8, 2015 18:23
|
|
|
|
| # ? Jun 6, 2024 14:08 |
|
|
skooma512 posted:K, thanks, hey take a look at my website, it's at C:/Users/.... Oh man, it's my intro to web design class all over again... All students were given a small amount of webhosting to submit their assignments on, and homework was submitted by posting a link on blackboard. I mocked a lot of students behind their back, because I was just a grumpy senior in there for a free GPA boost.
|
|
#
?
Feb 8, 2015 18:34
|
|
|
How can people fail at changing their password. You type your username, you type your old password. You type a new one, You type the same thing again. Done! But instead I get this crap: pre:USERNAME. : JFoo58 OLD PASS. : ********** NEW PASS. : ******** REPEAT : ****** -Warning: Caps Lock is On!- And then they say that the stupid computer says their passwords don't match. Weird. Edit: I'm phone posting, does the formatting above look right? Dr. Arbitrary fucked around with this message at 20:52 on Feb 8, 2015 |
|
#
?
Feb 8, 2015 20:44
|
|
|
Dr. Arbitrary posted:
Not at all, but I assume that is the intention. Had a couple of those as well, typing the same thing twice is hard you know.
|
|
#
?
Feb 8, 2015 21:26
|
|
|
Dunno-Lars posted:Not at all, but I assume that is the intention. Well, the colons are supposed to line up so it's painfully obvious that the number of asterisks are not the same. The user asked me to just assign them a password. They didn't like my suggestion of: mPu3TAjZuv
|
|
#
?
Feb 8, 2015 21:55
|
|
|
Dr. Arbitrary posted:How can people fail at changing their password. Back in my early days in helldesk, I had a 'special' user who would continually forget her password. I mean, like, 3x/week. But it was never her that was the problem, obviously. So we continued to reset her password for her every few days, making sure she could log in, and assure her that we were looking into whatever the 'issue' was. Eventually, we had a post-it in the command center with her username and password so we could just tell her that we reset it to that again without having to actually reset her password. Because, you see, the password was never actually getting changed, she really was just forgetting it that quickly. How people can manage to get through life and hold down a meaningful job (read: doesn't require pushing a button with a picture of french fries on it when someone responds 'yes' to 'would you like fries with that?') and not be able to commit 8 characters to memory, I don't know. tl;dr - Never underestimate the dumbness of supposedly educated people.
|
|
#
?
Feb 8, 2015 23:56
|
|
|
I can't understand people not being able to remember passwords for one or two things. It's understandable when you have to remember more than that though. The place I work I have four different passwords. One to login to the computer. One to login to our evaluating program. One to login to Personnel file which you then use to login to the time clock which has a different password.
|
|
#
?
Feb 9, 2015 00:06
|
|
|
Thats nuts, I'll be a mega-hardass about passwords but i'll work to make sure you only need one.
|
|
#
?
Feb 9, 2015 00:10
|
|
|
SlayVus posted:I can't understand people not being able to remember passwords for one or two things. It's understandable when you have to remember more than that though. The place I work I have four different passwords. I have similar situation with multiple passwords, but I intentionally keep them all similar. As long as you use them all on regular basis, it's not so bad. Now when you come back from a long vacation, that's when you start having problems.
|
|
#
?
Feb 9, 2015 00:26
|
|
|
Dr. Arbitrary posted:How can people fail at changing their password.
|
|
#
?
Feb 9, 2015 02:56
|
|
|
They're probably just not allowed to tell someone that it's their own fault.
|
|
#
?
Feb 9, 2015 03:03
|
|
|
incoherent posted:Thats nuts, I'll be a mega-hardass about passwords but i'll work to make sure you only need one. At last count I have access to 107 separate systems, most of which I use daily in my job as ISP tech support / escalated issues. 'Normal' reps have approx 90. Of those, probably 30 or so are unique passwords. One system I have 4 different username/password combos because there's no profile switcher, so to take a different sort of chat I have to log into a different user. This is for one of the top 5 ISPs in the US, so they don't even have the excuse of being too small to change.
|
|
#
?
Feb 9, 2015 03:13
|
|
|
you ate my cat posted:At last count I have access to 107 separate systems, most of which I use daily in my job as ISP tech support / escalated issues. 'Normal' reps have approx 90. Of those, probably 30 or so are unique passwords. One system I have 4 different username/password combos because there's no profile switcher, so to take a different sort of chat I have to log into a different user. This is for one of the top 5 ISPs in the US, so they don't even have the excuse of being too small to change. 
|
|
#
?
Feb 9, 2015 03:16
|
|
|
you ate my cat posted:At last count I have access to 107 separate systems, most of which I use daily in my job as ISP tech support / escalated issues. 'Normal' reps have approx 90. Of those, probably 30 or so are unique passwords. One system I have 4 different username/password combos because there's no profile switcher, so to take a different sort of chat I have to log into a different user. This is for one of the top 5 ISPs in the US, so they don't even have the excuse of being too small to change. What the gently caress.
|
|
#
?
Feb 9, 2015 03:41
|
|
|
Is there a version of this that just grows to fill the whole screen. Because that is my response.
|
|
#
?
Feb 9, 2015 03:51
|
|
|
you ate my cat posted:At last count I have access to 107 separate systems, most of which I use daily in my job as ISP tech support / escalated issues. 'Normal' reps have approx 90. Of those, probably 30 or so are unique passwords. One system I have 4 different username/password combos because there's no profile switcher, so to take a different sort of chat I have to log into a different user. This is for one of the top 5 ISPs in the US, so they don't even have the excuse of being too small to change. Well, I was gonna post about my paltry 10 different systems, half of which have passwords that expire every 90 days and have ridiculously long history lists, but holy loving poo poo, so much for that. Instead, I'll tell you guys about how I've had the task of redesigning the company's website dumped on me last week, despite having literally zero website design or coding experience. I forget the name of the system we're using to manage our website, but thankfully it's pretty easy to learn. The biggest challenge is creating clip art for the various pages. Still, it's coming along nicely, and we're about 3/4ths of the way done, plus I get to look like a hero to both my manager and the CEO for getting it done. Meanwhile, this past week we've been expanding. We essentially have 3 parts to our office: The foyer/conference room/accounting, the credit card processing section, and the payroll processing section. We're planning on hiring a couple new people to do payroll related stuff, so we added a couple more cubicle walls to that area. My manager has also been taking up pretty much all of the slack on that side of things, and he elected to swap offices with our CEO so he could be over in the payroll wing. Meanwhile, our CEO took over Tim's office, and Tim got shunted into my manager's old office. Still with me? No? Good. So Friday rolls around, and the CEO, who had been in Florida golfing with friends all week, comes back to see that the offices haven't been fully switched around yet. He throws a small shitfit, because frankly these things were supposed to have been done already, and leaves for a bit. Everyone in the office scrambles to move the last of the stuff and get everything working. I'm just hooking up the CEO's computer and doing cable management when he comes back, and is much happier that everything's looking more like what it's supposed to. After everything's all said and done, he decides to give me his old Garmin, just kind of because. I don't really need it, but hey, free GPS. While I'm on the subject of neat rewards, the partners collectively decided that Fridays are now Office Lunch Friday. A random restaurant near the office is chosen each week, the menu is emailed around, and the office pays for lunch for everyone who wants to order.
|
|
#
?
Feb 9, 2015 03:52
|
|
|
incoherent posted:Is there a version of this that just grows to fill the whole screen. At some point it would be better to have all the unique passwords written in a list and the list kept in a small lockbox or something. Change it from something you know to something you have.
|
|
#
?
Feb 9, 2015 04:16
|
|
|
Dr. Arbitrary posted:How can people fail at changing their password. 
|
|
#
?
Feb 9, 2015 04:30
|
|
|
Since we're talking passwords, is there any obligation to tell a person their password sucks? This is a lady in benefits in HR and her password is super weak and also it's fairly obvious what her next password(s) will be. Normally I don't really care but she has basically all employee info.
|
|
#
?
Feb 9, 2015 05:00
|
|
|
you ate my cat posted:At last count I have access to 107 separate systems, most of which I use daily in my job as ISP tech support / escalated issues. 'Normal' reps have approx 90. Of those, probably 30 or so are unique passwords. One system I have 4 different username/password combos because there's no profile switcher, so to take a different sort of chat I have to log into a different user. This is for one of the top 5 ISPs in the US, so they don't even have the excuse of being too small to change. Guessing this is due to M & A and divergent systems not being integrated. Ask me how I know this, or don't.
|
|
#
?
Feb 9, 2015 05:19
|
|
|
myron cope posted:Since we're talking passwords, is there any obligation to tell a person their password sucks? This is a lady in benefits in HR and her password is super weak and also it's fairly obvious what her next password(s) will be. Normally I don't really care but she has basically all employee info. Do you have a security policy? Can she be held accountable if her weak password is determined as cause for a breach? If so, remind her of those facts.
|
|
#
?
Feb 9, 2015 05:31
|
|
|
nielsm posted:Do you have a security policy? Can she be held accountable if her weak password is determined as cause for a breach? If so, remind her of those facts. Is anyone ever seriously held accountable for breaches? Just use the magical words "APT" and "sophisticated hacker" and all of your problems go away. Besides, it's IT's job to make sure that she doesn't click on NYC_ParkingTicket.exe.zip.
|
|
#
?
Feb 9, 2015 05:36
|
|
|
Volmarias posted:Is anyone ever seriously held accountable for breaches? Just use the magical words "APT" and "sophisticated hacker" and all of your problems go away. Besides, it's IT's job to make sure that she doesn't click on NYC_ParkingTicket.exe.zip. Email her Cryptolocker from an outside email. Blame it on her weak password that the company got infected with it.
|
|
#
?
Feb 9, 2015 06:17
|
|
|
myron cope posted:Since we're talking passwords, is there any obligation to tell a person their password sucks? This is a lady in benefits in HR and her password is super weak and also it's fairly obvious what her next password(s) will be. Normally I don't really care but she has basically all employee info. How do you know what her password is?
|
|
#
?
Feb 9, 2015 07:21
|
|
|
Ignore it and get on with your life. You know it's the only smart answer.
|
|
#
?
Feb 9, 2015 07:22
|
|
|
My mom had a job for a while at a phone farm for a large online company. She mentioned being able to look up people's account info including username/password in plain text. She is not the type to make that up. I look forward to that company getting violated by lawsuits someday.
|
|
#
?
Feb 9, 2015 07:48
|
|
|
I once worked for a very old, very big multinational electronics company. 60k+ users (that got escalated to me) and about 4k systems layered like an onion around old old systems (the makers of those systems had died of old age and no one could modify them ofc = horrible) and of those there were 100+ sap systems. Most of the systems did not need an unique pw. Most of them... I do not remember how many passwords I had to know, but they needed to be updated. Some every 2 weeks, some once a year and everything in between. At least I know all SAP systems had unique passwords. I still have nightmares about trying to access a system I had not accessed for a couple of weeks trying to remember the pw so I could address a high severity issue with an sla of a couple of hours.
|
|
#
?
Feb 9, 2015 08:14
|
|
|
nielsm posted:Do you have a security policy? Can she be held accountable if her weak password is determined as cause for a breach? If so, remind her of those facts. Do any of her accounts have access to payroll ? Because I see a raise in your immediate future if they do.
|
|
#
?
Feb 9, 2015 08:26
|
|
|
GrumpyDoctor posted:How do you know what her password is? Ding ding ding. Plaintext passwords in TYOOL 2015. In benefits/HR land, no less.
|
|
#
?
Feb 9, 2015 09:22
|
|
|
Anyone struggling with a shitload of passwords should take a good look at a desktop single sign-on solution. There are a few good ones, most of them work with web or desktop apps, remember all passwords and log you in automatically, and handle password resets/expiries automatically for you according to a password policy you assign. Once it's in and working, the user only has to remember their primary logon password (usually their Windows account) or you can even tie it into fingerprint or smart card logon. Imagine KeyPass and its Chrome extension, but better. They can be expensive - the one I work with is between £20-60 per user, but I've seen password reset calls on a helpdesk drop by 90% within a month or so of them being introduced.
|
|
#
?
Feb 9, 2015 10:13
|
|
|
Mr Crucial posted:Anyone struggling with a shitload of passwords should take a good look at a desktop single sign-on solution. There are a few good ones, most of them work with web or desktop apps, remember all passwords and log you in automatically, and handle password resets/expiries automatically for you according to a password policy you assign. Once it's in and working, the user only has to remember their primary logon password (usually their Windows account) or you can even tie it into fingerprint or smart card logon. Imagine KeyPass and its Chrome extension, but better. I believe I had 3 or 4 different single sign on solutions for different sites and businesses subcontractors etc for that big company. Then there was super secure defense factories with their own bizarre solutions. Anyway. They all added up in the end. Edit for example: Pw to get in to the building where I work. Pw to log in to the computer. Pw for citrix connection to customers nw. Pw for another connection to defense contractor site. Pw for system to admin systems there. Another pw for some obscure system from the 70s to handle shipping when that goes belly up. There are passwords all the way down... moosepoop fucked around with this message at 10:32 on Feb 9, 2015 |
|
#
?
Feb 9, 2015 10:28
|
|
|
Mr Crucial posted:Anyone struggling with a shitload of passwords should take a good look at a desktop single sign-on solution. There are a few good ones, most of them work with web or desktop apps, remember all passwords and log you in automatically, and handle password resets/expiries automatically for you according to a password policy you assign. Once it's in and working, the user only has to remember their primary logon password (usually their Windows account) or you can even tie it into fingerprint or smart card logon. Imagine KeyPass and its Chrome extension, but better. We're looking into integrating our Single Sign-On solution with the national online ID system - called NemID. That way we can use a common username/password (NemID) login when they're on the internal network, and username/password with the added challenge/response card when they want to use the VPN. Apart from everyone already having NemID we figure people would be less inclined to share their usernames/passwords because you'll potentially be sharing access to your sensitive data, online banking, insurance, and basically everything you use the government for. Crowley fucked around with this message at 10:52 on Feb 9, 2015 |
|
#
?
Feb 9, 2015 10:47
|
|
|
Mr Crucial posted:Anyone struggling with a shitload of passwords should take a good look at a desktop single sign-on solution. There are a few good ones, most of them work with web or desktop apps, remember all passwords and log you in automatically, and handle password resets/expiries automatically for you according to a password policy you assign. Once it's in and working, the user only has to remember their primary logon password (usually their Windows account) or you can even tie it into fingerprint or smart card logon. Imagine KeyPass and its Chrome extension, but better. We've got one that's going to cost us $20,000 to get a badly needed upgrade. And yet half the applications loaded in to it are going to AD auth soon 
|
|
#
?
Feb 9, 2015 12:50
|
|
|
kensei posted:Guessing this is due to M & A and divergent systems not being integrated. Ask me how I know this, or don't. Primarily I think it's due to the company being cobbled together out of lots of acquisitions over the years, with no effort made to integrate anything. We even have a system that acts like a secondary menu bar that can hold most of your systems and passwords, then load them and log you in when you need it. Kind of like a start menu for internal apps. It has its own password for some reason. We have another app that runs in the background all the time to log you into SSO apps automatically, but it only works for one of them. We use Windows credentials for our SSO, but I can only think of maybe 6 systems that log you in automatically. It's a bit of a mess. Oh, and this is after a multi year push to consolidate, during which we turned down or integrated nearly 900 systems. I don't understand how anyone gets anything done during the day.
|
|
#
?
Feb 9, 2015 13:24
|
|
|
Crowley posted:We're looking into integrating our Single Sign-On solution with the national online ID system - called NemID. That way we can use a common username/password (NemID) login when they're on the internal network, and username/password with the added challenge/response card when they want to use the VPN. Apart from everyone already having NemID we figure people would be less inclined to share their usernames/passwords because you'll potentially be sharing access to your sensitive data, online banking, insurance, and basically everything you use the government for. This sounds like a dream for malware writers. Convince someone to type their WoW credentials while you listen, and suddenly you've got access to all of their money.
|
|
#
?
Feb 9, 2015 13:35
|
|
|
Volmarias posted:This sounds like a dream for malware writers. Convince someone to type their WoW credentials while you listen, and suddenly you've got access to all of their money. It's like buttcoins, but with identity theft!
|
|
#
?
Feb 9, 2015 13:52
|
|
|
Volmarias posted:This sounds like a dream for malware writers. Convince someone to type their WoW credentials while you listen, and suddenly you've got access to all of their money. It's a dream if you can convince people to fork over their credentials AND you figure out a way to defeat the two-factor auth. Granted, a few individuals have actually been lured into typing their credentials into malware pages and uploading a photo of their code cards. According to NETS (who runs the system) that has happened 8 times in total. e: WoW credentials?
|
|
#
?
Feb 9, 2015 13:55
|
|
|
Crowley posted:It's a dream if you can convince people to fork over their credentials AND you figure out a way to defeat the two-factor auth. World of Warcraft
|
|
#
?
Feb 9, 2015 13:58
|
|
|
Crowley posted:It's a dream if you can convince people to fork over their credentials AND you figure out a way to defeat the two-factor auth. Is this code card electronic like an RSA or Entrust key or just a code that has to be entered? Because if it's the latter, that's not two factor auth.
|
|
#
?
Feb 9, 2015 14:01
|
|
|
|
| # ? Jun 6, 2024 14:08 |
|
|
flosofl posted:Because if it's the latter, that's not two factor auth. It's 2 factor auth, it's just dumb 2 factor auth (it's what at least a few major Japanese banks use for their e-banking. SMBC at least, and I'm pretty sure Mizuho are the same)
|
|
#
?
Feb 9, 2015 14:16
|
|
