|
wa27 posted:To make sure people don't change it and then immediately change it back? Disallowing the last n passwords would fix that too, I guess. Yeah, but dedicated users will just change their passwords six, eight, ten, whatever times rapid-fire until they can go back to hunter2 or whatever.
|
#
?
Feb 14, 2017 20:41
|
|
|
|
| # ? Jun 3, 2024 06:32 |
|
|
 This just came through our queue. We have been using Skype for Business/Lynx for 3-4 years now. Who has been using AIM after 2007?
|
|
#
?
Feb 14, 2017 20:42
|
|
|
The Nards Pan posted:Yeah, but dedicated users will just change their passwords six, eight, ten, whatever times rapid-fire until they can go back to hunter2 or whatever. I don't think you can set your password as seven asterisks
|
|
#
?
Feb 14, 2017 21:04
|
|
|
Don't tell me how to live my life.
|
|
#
?
Feb 14, 2017 21:05
|
|
|
A former co-worker told me that he had his password set as a small word and a number at the end. Every password change day, he just increased the number by 1. Told me it was depressing when he was on the equivalent of Password30. 
|
|
#
?
Feb 14, 2017 21:09
|
|
|
mewse posted:When people call for a password reset now I tell them "OK I'll give you a temporary password", set it to something simple and set the flag for "user must change password at next logon". One of the main things I do at my helpdesk position is set temporary passwords. Most calls are friendly, emails are short and easy. And the self-use password tools are broken because so much stuff has been updated, except for the tools, so it's way less frustration for the user to call in. There's also like 7 accounts to use, only 3 of which are synchronized with passwords. Now, the real fun is the people who don't understand what "You will have to change your password at next log in" means, or can't type the same thing in the "new password" field and the "Confirm new password" field. 
|
|
#
?
Feb 14, 2017 21:10
|
|
|
Malek posted:A former co-worker told me that he had his password set as a small word and a number at the end. Every password change day, he just increased the number by 1. I've had a few places where it wouldn't even let me use something similar to any of my old ones. That one got frustrating after I managed to screw it up, and all of my memorable passwords got used in a couple weeks. On the bright side, thats also what got me using a password manager.
|
|
#
?
Feb 14, 2017 21:25
|
|
|
The Nards Pan posted:Yeah, but dedicated users will just change their passwords six, eight, ten, whatever times rapid-fire until they can go back to hunter2 or whatever. Hahaha OK that makes sense.
|
|
#
?
Feb 14, 2017 21:30
|
|
|
Any of yall ever had to run a location off a mobile 4G hotspot? One of our warehouses had to move locations before the local government would approve running fiber(commission in charge of that only meets every three months) so we're stuck trying to get ~40 PCs and printers working off of a Verizon hotspot connected to a Meraki firewall. Naturally half our necessary services work fine if a little slow, and the rest are completely failing to connect.
|
|
#
?
Feb 14, 2017 21:30
|
|
|
cage-free egghead posted:
Can they use AIM? I thought they had shut off the service.
|
|
#
?
Feb 14, 2017 21:32
|
|
|
Eschatos posted:Any of yall ever had to run a location off a mobile 4G hotspot? One of our warehouses had to move locations before the local government would approve running fiber(commission in charge of that only meets every three months) so we're stuck trying to get ~40 PCs and printers working off of a Verizon hotspot connected to a Meraki firewall. Naturally half our necessary services work fine if a little slow, and the rest are completely failing to connect. Is there no other internet connection you can get at that site besides the 4G hotspot and the (future) fiber link? Even getting a very slow DSL or cable line in there may allow some of your services to work that don't work now. azurite posted:Can they use AIM? I thought they had shut off the service. You're thinking of MSN Messenger for the shutdown, or maybe Yahoo Messenger which was supposed to go down soon. Both ICQ and AIM are fully functional still with no plans to shut either of them down.
|
|
#
?
Feb 14, 2017 21:34
|
|
|
Eschatos posted:Any of yall ever had to run a location off a mobile 4G hotspot? One of our warehouses had to move locations before the local government would approve running fiber(commission in charge of that only meets every three months) so we're stuck trying to get ~40 PCs and printers working off of a Verizon hotspot connected to a Meraki firewall. Naturally half our necessary services work fine if a little slow, and the rest are completely failing to connect. Good luck. I'd look into DSL or something as a temporary thing. We had an office move across town. Before move we set up and verified it would have Fiber access with AT&T. We get there and...no fiber. They'd have to run it to the building, in fact, as the closest line stopped across the street. It would take months to get approval and install, and it would cost a bazillion dollars. We eventually got it to the building, pretty sure after some legal action, but we tried hotspots at first. It was loving awful. Some services were unusable and our IT guys were working 12-18 hours per day every day trying to fix it for weeks. Eventually we just gave up and got some DSL hooked up. Slow, but at least it worked.
|
|
#
?
Feb 14, 2017 21:35
|
|
|
fishmech posted:Is there no other internet connection you can get at that site besides the 4G hotspot and the (future) fiber link? Even getting a very slow DSL or cable line in there may allow some of your services to work that don't work now. It's only for three weeks, so I guess the folks doing the move decided it wasn't worth it. We've got enough workarounds to get everything functioning, if not in ideal ways.
|
|
#
?
Feb 14, 2017 21:49
|
|
|
cage-free egghead posted:
|
|
#
?
Feb 14, 2017 21:52
|
|
|
DACK FAYDEN posted:Is it AIM or MSN Messenger that all the stock-floor-traders use? I know one of the two is like, enduringly perpetually popular because it's totally entrenched.
|
|
#
?
Feb 14, 2017 21:54
|
|
|
Neddy Seagoon posted:You're thinking too smart. I'll bet they put ALL their work on the desktop so they could find it.
|
|
#
?
Feb 14, 2017 21:55
|
|
|
The Nards Pan posted:Yeah, but dedicated users will just change their passwords six, eight, ten, whatever times rapid-fire until they can go back to hunter2 or whatever. Our voicemail PINs are unnecessarily long, and I have zero confidential information on my business phone so I'm perfectly happy to reuse my PIN forever. Every quarter when the reset comes along I basically smile real big at my buddy over in Telecom and he clears out my PIN history, but now I can spare him that call.
|
|
#
?
Feb 14, 2017 21:55
|
|
|
DACK FAYDEN posted:Is it AIM or MSN Messenger that all the stock-floor-traders use? I know one of the two is like, enduringly perpetually popular because it's totally entrenched. Yahoo was huge for traders in a lot of industries, before the recent decision by Yahoo to discontinue the normal client for it (which a lot of them needed to use because of how you could integrate it with other things). Most of them have likely switched to AIM or ICQ since those services are still up.
|
|
#
?
Feb 14, 2017 21:57
|
|
|
RFC2324 posted:I've had a few places where it wouldn't even let me use something similar to any of my old ones. That one got frustrating after I managed to screw it up, and all of my memorable passwords got used in a couple weeks. If similar passwords are refused, then your old passwords are stored in plain text.
|
|
#
?
Feb 14, 2017 21:57
|
|
|
Dr. Arbitrary posted:If similar passwords are refused, then your old passwords are stored in plain text. It might also hash out similar passwords when it's created so if you send Hunter2 it might hash a few increments or other common "same password" things. I'm sure you could figure out a way to do it.
|
|
#
?
Feb 14, 2017 22:03
|
|
|
mewse posted:When people call for a password reset now I tell them "OK I'll give you a temporary password", set it to something simple and set the flag for "user must change password at next logon". We can't even force a password change because most users requesting password resets are off-campus, and logging in through our web portal. Somewhere the link to AD is messed up, so that the "user must change password at next logon" flag stops them from being able to change their password from the website. We just give everyone the same temp password in an email, followed by "This is a temporary password please change immediately from the account menu!" I doubt many people do. I seem to be the only person here who sees the problem with this.
|
|
#
?
Feb 14, 2017 22:06
|
|
|
Hungry Computer posted:We can't even force a password change because most users requesting password resets are off-campus, and logging in through our web portal. Somewhere the link to AD is messed up, so that the "user must change password at next logon" flag stops them from being able to change their password from the website. We just give everyone the same temp password in an email, followed by "This is a temporary password please change immediately from the account menu!" I doubt many people do.
|
|
#
?
Feb 14, 2017 22:09
|
|
|
azurite posted:Can they use AIM? I thought they had shut off the service. fishmech posted:You're thinking of MSN Messenger for the shutdown, or maybe Yahoo Messenger which was supposed to go down soon. Both ICQ and AIM are fully functional still with no plans to shut either of them down. The servers are still up and AOL is still operating them with no intention of shutting down, but the development team behind AIM was shitcanned back in 2012, so there won't be any new (official) clients or updates.
|
|
#
?
Feb 14, 2017 22:32
|
|
|
mewse posted:When people call for a password reset now I tell them "OK I'll give you a temporary password", set it to something simple and set the flag for "user must change password at next logon".
|
|
#
?
Feb 14, 2017 23:07
|
|
|
Ghostlight posted:This has gotten me repeated callbacks as people mistake the change password dialogue for their new password not working. I hold their hand through the process over the phone. "Ok 'old password' is the temporary password I just gave you."
|
|
#
?
Feb 14, 2017 23:08
|
|
|
Yay, I just got the "I just received the automated ticket creation email ten seconds after I submitted my ticket and it's frankly insulting that you've marked it 'Low Priority' given the severity of the issue" phone call. Who had that in the pool for today?
|
|
#
?
Feb 15, 2017 00:27
|
|
|
odiv posted:Yay, I just got the "I just received the automated ticket creation email ten seconds after I submitted my ticket and it's frankly insulting that you've marked it 'Low Priority' given the severity of the issue" phone call. I hope you just pointed them at your SLA matrix.
|
|
#
?
Feb 15, 2017 00:40
|
|
|
wa27 posted:To make sure people don't change it and then immediately change it back? Disallowing the last n passwords would fix that too, I guess. It's the combination of both though - if you set a minimum of one day and also remember the last 20, it'd take them 20 days to get back to their old password. Which I mean at that point, if they're that dedicated, godspeed you massive twatface you just go ahead and use whatever stupid password you had. Whereas if there's no minimum they can speed through it in 5 minutes. And yeah the error message about complexity when it's the minimum age loving it up is a ridiculous situation - how hard would it be Microsoft to have the machine say "your password cannot be changed yet because of minimum age requirements, please contact your admin"? You don't even have to say how long you have to wait because that would be giving up too much information in the system, but at least point the user (and the helpdesk) in the right direction instead of the helpdesk spending 30 minutes having the user type in valid passwords and both sides getting more and more angry because the helpdesk thinks the user is an idiot and the user knows s/he's typing in a correct password. No I haven't experienced this directly or anything why do you ask edit: goddammit there was another page I'm loving failing at posting today SyNack Sassimov fucked around with this message at 02:30 on Feb 15, 2017 |
|
#
?
Feb 15, 2017 02:27
|
|
|
odiv posted:Yay, I just got the "I just received the automated ticket creation email ten seconds after I submitted my ticket and it's frankly insulting that you've marked it 'Low Priority' given the severity of the issue" phone call. We just switched over to a new system that sends automated e-mails when a ticket is created or closed. Also since it's a new system there are tons of duplicate tickets. There's no way to merge tickets, so you have to close one and note on it that it was merged with ticket number whatever. It doesn't matter how much you warn the user, how clear you make the notes that "this is still open just with a different number", it doesn't matter if you called this person every day for a week and never got a response, as soon as you close that ticket there's an angry e-mail "WHY DID THIS GET CLOSED IT IS NOT RESOLVED!" And of course the reply-to e-mail address is the automated ticket generating e-mail address, so that opens another new call, which has to be closed, and...
|
|
#
?
Feb 15, 2017 03:38
|
|
|
A Pinball Wizard posted:We just switched over to a new system that sends automated e-mails when a ticket is created or closed. Also since it's a new system there are tons of duplicate tickets. There's no way to merge tickets, so you have to close one and note on it that it was merged with ticket number whatever. Trigger warning that poo poo 
|
|
#
?
Feb 15, 2017 07:50
|
|
|
I think we mandate password changes every 6 months, and for those who are out traveling a lot AND is capable of using strong passwords (and password managers) we waive that time limit too. The strict password rotate rules that are in place aren't nearly as effective as people think.
|
|
#
?
Feb 15, 2017 08:38
|
|
|
anthonypants posted:Of those two, only one still exists. MS Messenger was a god drat great messaging program, and it's a shame it was dumped in favor of Skype. 
|
|
#
?
Feb 15, 2017 13:28
|
|
|
A Pinball Wizard posted:We just switched over to a new system that sends automated e-mails when a ticket is created or closed. Also since it's a new system there are tons of duplicate tickets. There's no way to merge tickets, so you have to close one and note on it that it was merged with ticket number whatever. So any time I have to call them it's a silly case of "Yeah I don't know what my ticket number is but it relates to issue blah blah"
|
|
#
?
Feb 15, 2017 14:56
|
|
|
My company just said two day incident closure in our totally poo poo HEAT itsm platform otherwise it impacts pa for the individual and the team. I said are you sure you want to do this because people will just avoid making incidents and generally game the system. Had them confirm they have no guidelines and no data to support why it should be two days instead of maybe starting with a week or evaluating/making a dedicated SLA. Response: Yes. Document everything. 
|
|
#
?
Feb 15, 2017 14:58
|
|
|
The IT guys set our domain passwords for us and we're not allowed to change them. And if you get locked out or forget, they can just send you the password. The original. It doesn't change. Doesn't that imply they have them stored in plaintext somewhere? I have access to sensitive financial information because my idiot CFO didn't set up my QuickBooks account properly, and we've got sorta crappy, obvious passwords despite "complexity" and are discouraged from locking the computer anytime but the end of the day.
|
|
#
?
Feb 15, 2017 15:24
|
|
|
How many times a year do you get crypto, on average
|
|
#
?
Feb 15, 2017 15:27
|
|
|
D34THROW posted:The IT guys set our domain passwords for us and we're not allowed to change them. Yes. I've seen in-house heads of IT store everyone's password in an excel sheet on a network drive.
|
|
#
?
Feb 15, 2017 15:28
|
|
|
D34THROW posted:The IT guys set our domain passwords for us and we're not allowed to change them. 
|
|
#
?
Feb 15, 2017 15:33
|
|
|
D34THROW posted:The IT guys set our domain passwords for us and we're not allowed to change them. I would hope it's in a keepass but based on the fact that this doesn't make any sense at all I'm going to assume excel file and they don't care. You have incompetent internal IT. I find most people in IT don't know what they are doing and half your job is damage control for their loving up. They are almost always above you too.
|
|
#
?
Feb 15, 2017 15:43
|
|
|
|
| # ? Jun 3, 2024 06:32 |
|
|
MANime in the sheets posted:Yes. I've seen in-house heads of IT store everyone's password in an excel sheet on a network drive.  That defeats the whole purpose of changing password every X days.
|
|
#
?
Feb 15, 2017 15:43
|
|