|
We have to use Yubikeys in the cleanroom and they suck. Wearing gloves means the touch only works some of the time, and every so often they just get disabled and you have to use an alternate login and contact helpdesk and its just awful.
|
#
?
Oct 7, 2023 15:01
|
|
|
|
| # ? Jun 6, 2024 16:28 |
|
|
Johnny Truant posted:yeah mine was "if you want to wfh, install Authenticator" and that's a pretty big incentive, so Yeah this is how ours works because it’s necessary to connect to the VPN required for WFH, idgaf in any event because it integrates into the authenticator app where all my other personal 2FA stuff lives already so 
|
|
#
?
Oct 7, 2023 15:01
|
|
|
Scientastic posted:Our finance team have read receipts on all their emails, because they got so fed up with these huge billion dollar businesses saying “what invoices, you’ve never asked us to pay invoices before, what are you talking about?” The Husband's workplace is having a time along these lines. Major, international conglomerate orders 3 widgets and wants the option to buy more. This is expensive, high hundreds of thousands of dollars. Company tells them it's going to be more expensive unless they order all the widgets at once due to time and pricing. Sure, no problem. 1 widget for one international branch, 2 for another, and 2 for a third. Just before the first invoice goes out, the major international conglomerate splits off its international branches into their own divisions with their own funding and AP/AR. No worries, right? Just change the header for each branch and send it on its way. No. Each branch wants their invoices done differently and will not pay an invoice that deviates from their proscribed invoice demands. Oh, and two of them want to cancel their second widgets which have already been purchased for. And, since they are now three different companies, the job numbers can't stay the same. And since the job numbers have to change, so do the billing numbers... And... And... And... This has been going on for at least six months, and no payment yet.
|
|
#
?
Oct 7, 2023 15:04
|
|
|
Company sent out an email to announce that they'll be changing the password requirements so instead of expiring every 90 days, passwords will soon last a whole year "With stricter complexity requirements". I cannot wait to see how mangled and impossible to type they'll force passwords to be.
|
|
#
?
Oct 7, 2023 15:42
|
|
|
Thesaurus posted:What's so great about yubikeys? Is it just a USB stick you have to touch?. We have one now, and afaik it just takes a daily sample of DNA or something to send to Bill gates' Mark of the beast databases There's some small advantages to the hardware not having an antenna but it's not like someone's going to use a cell phone authenticator zero day to read your emails.
|
|
#
?
Oct 7, 2023 15:46
|
|
|
"if they want to install an app on my phone they'll have to pay my phone bill." Are you people handing over your car notes because they make you drive to work? Are you having them pay your mortgage because you WFH? Most people check personal poo poo on work computers but when it's time for a 2fa on YOUR phone it's suddenly a problem? I'm all for eating the rich and dismantling the system but that's a dumb hill to die on.
|
|
#
?
Oct 7, 2023 15:56
|
|
|
I never use fingerprint poo poo bc I assume whoever is storing the fingerprint sends it immediately to the police. Can I claim to be jehovahs witness or something to get out of that poo poo
|
|
#
?
Oct 7, 2023 16:05
|
|
|
I already have authenticator on my phone for other things, it's when the company wants to install their own app or have remote wipe access that I'd draw the line. Content: I'm now working for a heavy equipment rental place in a very rural area. Some older guy in a full on cowboy outfit comes in, leers at me and cracks a gross joke, then looks at me and says: "Well if that's sexual harassment let me know so I can get my money's worth!" I'm an early 40s curvy married goonette. I cringe to think if I was young and pretty. oh well at least I'm forklift certified now
|
|
#
?
Oct 7, 2023 16:15
|
|
|
Pyrtanis posted:"Well if that's sexual harassment let me know so I can get my money's worth!" I'm an early 40s curvy married goonette. I cringe to think if I was young and pretty. Get your money's worth out of that forklift ticket
|
|
#
?
Oct 7, 2023 16:18
|
|
|
Yeah gently caress the bespoke apps that can access your poo poo. I'm talking about generic or universal ones. Also use the forklift and make a pun about penetration after. No jury will covict you.
|
|
#
?
Oct 7, 2023 16:32
|
|
|
Saw something legitimately traumatic today in the shop, I might take some time
|
|
#
?
Oct 7, 2023 16:34
|
|
|
Coming from you, that is a very very scary bar to have cleared.
|
|
#
?
Oct 7, 2023 16:44
|
|
|
Ravus Ursus posted:"if they want to install an app on my phone they'll have to pay my phone bill." What? These are very clearly different things. Driving to work is not work, if you work from home, your firm should pay for Internet and phone, but obviously not your mortgage. If a company expects you to be accessing work things in your phone, they should give you a phone.
|
|
#
?
Oct 7, 2023 17:24
|
|
|
TaurusTorus posted:We have to use Yubikeys in the cleanroom and they suck. Wearing gloves means the touch only works some of the time, and every so often they just get disabled and you have to use an alternate login and contact helpdesk and its just awful. We're testing these for exactly that use case. https://www.nymi.com/
|
|
#
?
Oct 7, 2023 17:24
|
|
|
Killingyouguy! posted:I never use fingerprint poo poo bc I assume whoever is storing the fingerprint sends it immediately to the police. Can I claim to be jehovahs witness or something to get out of that poo poo Yubikeys don’t read fingerprints you just touch them to prove you physically have access to the widget, it’s just a dumb capacitance thing not a clever biometric device.
|
|
#
?
Oct 7, 2023 17:25
|
|
|
Yeah gently caress Microsoft and gently caress their authentication app. Not because of what it does, but for how long it takes and how complicated they made it. I have multiple accounts to juggle and spent hours trying to make it work. Also gently caress Microsoft and the azure/teams bullshit. Why have multiple websites to administrate aspects of the same account? Just have a single portal login ffs.
|
|
#
?
Oct 7, 2023 17:36
|
|
|
I'm not sure if you know but most of the authenticator apps are just implementations of the TOTP protocol. So if you already have authy or something on your phone you can use it even if the software tells you to use ms authenticator.
|
|
#
?
Oct 7, 2023 18:07
|
|
|
Mantle posted:I'm not sure if you know but most of the authenticator apps are just implementations of the TOTP protocol. So if you already have authy or something on your phone you can use it even if the software tells you to use ms authenticator. I don't understand that nerd poo poo. Why not have an admin insert your phone number into a database and have Microsoft send a text message with a code like every other dumb app and website?
|
|
#
?
Oct 7, 2023 18:27
|
|
|
Outrail posted:I don't understand that nerd poo poo.
|
|
#
?
Oct 7, 2023 18:32
|
|
|
Outrail posted:I don't understand that nerd poo poo. Because SMS requires a working network signal and the OTP method requires absolutely no connectivity at all, it’s just nerd maths based on what time it is.
|
|
#
?
Oct 7, 2023 18:33
|
|
|
History Comes Inside! posted:Because SMS requires a working network signal and the OTP method requires absolutely no connectivity at all, it’s just nerd maths based on what time it is. Outrail posted:I don't understand that nerd poo poo.
|
|
#
?
Oct 7, 2023 18:38
|
|
|
It also only takes tricking/bribing a bored mall cell phone kiosk employee to port your number to a different SIM so 2 factor SMSs go to a their phone instead.
|
|
#
?
Oct 7, 2023 18:41
|
|
|
Outrail posted:I don't understand that nerd poo poo. It just means that Authy, Google Authenticator, and MS authenticator are all compatible with each other. You don't need to register a new token in a particular software regardless of what the service you are registering says, you can just pick one and put all of your tokens in it.
|
|
#
?
Oct 7, 2023 19:01
|
|
|
Mantle posted:It just means that Authy, Google Authenticator, and MS authenticator are all compatible with each other. You don't need to register a new token in a particular software regardless of what the service you are registering says, you can just pick one and put all of your tokens in it. I'm not sure if they all would work for the Windows login authentication though, that behaves differently in the MS Authenticator app.
|
|
#
?
Oct 7, 2023 19:14
|
|
|
We use RSA tokens for 2FA. So username-> password -> tokencode. It's annoying but only mildly. The only real poo poo thing is if you forget your token at work/home. I honestly don't understand why we don't switch to a biometric system. At some point password complexity becomes too much for your average idiot and the only way they can remember a 16-character password is either by writing it down or using plain language, which kind of defeats the purpose of a complex password.
|
|
#
?
Oct 7, 2023 20:06
|
|
|
Absolutely no chance in hell am I trusting any company dumb enough to employ me with my biometric data
|
|
#
?
Oct 7, 2023 20:07
|
|
|
History Comes Inside! posted:Absolutely no chance in hell am I trusting any company dumb enough to employ me with my biometric data (We're also the government so double shrug I guess)
|
|
#
?
Oct 7, 2023 20:09
|
|
|
People really need to make better or in most cases any use of key vaults.
|
|
#
?
Oct 7, 2023 20:10
|
|
|
Shoehead posted:Saw something legitimately traumatic today in the shop, I might take some time poo poo I didn't even finish typing this out I was really out of it. A kid fainted and smashed her head into the corner of our counter this morning and was fully out for a few minutes. I legit thought she was dead, her head snapped off that thing hard as hell. I was on my own with her mom trying to roll her over while my boss hid in the corner and eventually she came over to check her skull and neck (she's an Order of Malta volunteer). She left on her own power, Boss interrogated her a little, (for her own guilt I guess) and it turns out she hadn't eaten at all which is a really bad idea. She insisted to her mom she wouldn't eat for the rest of the day either. It's her 13th loving birthday. It's not.. Good After they left my arms went all floppy, I felt like rayman with no arms or legs but hands and feet. The boss sat down like nothing happened and I had to go right back to piercing almost immediately, finished the day. I kept saying things the wrong way around for my aftercare spiel. I called my wife at lunch and it helped. Not in til Tuesday, but I might call in sick
|
|
#
?
Oct 7, 2023 22:12
|
|
|
As someone who was concussed quite a few times as a teenager (idiot male, underage drinking, played rugby): a few minutes is a long time to go sparko.
|
|
#
?
Oct 7, 2023 22:21
|
|
|
If you're fully out for any amount of time you rally should go to a hospital. Unless you life in a fourth world shithole where medical attention can financially cripple you I guess.
|
|
#
?
Oct 7, 2023 23:34
|
|
|
It's free you just have to wait for ages. I'm worried about her neck too
|
|
#
?
Oct 7, 2023 23:58
|
|
|
At that age, with that time out cold, initial triage should immediately bypass a lot of that wait. They're a lot better about it than they used to be.
|
|
#
?
Oct 8, 2023 00:05
|
|
|
zedprime posted:If I was you nerds' it admin I'm buying $15 refurbished children's tablets if I don't already have a yubi implementation that I can use to give you a 16 step yubikey factor out of retaliation. I really wouldn't mind as long as it was their device. Last place I worked had something like that, I just left it in a drawer until I needed it. I don't object to 2FA, I object to using my personal gear for work. Work devices mean nothing personal, personal devices mean nothing work, no chance of being involved in the relentless parade of fuckups that I've seen over the years when people didn't stick to that.
|
|
#
?
Oct 8, 2023 00:53
|
|
|
zedprime posted:If I was you nerds' it admin I'm buying $15 refurbished children's tablets if I don't already have a yubi implementation that I can use to give you a 16 step yubikey factor out of retaliation. They have those and tried to tell us we owe 50$ if anything happens to it so very low rate of adoption. One of my old cantankerous coworkers got one and flushed it down the toilet for reasons he's yet to explain.
|
|
#
?
Oct 8, 2023 03:56
|
|
|
Azuth0667 posted:They have those and tried to tell us we owe 50$ if anything happens to it so very low rate of adoption. One of my old cantankerous coworkers got one and flushed it down the toilet for reasons he's yet to explain. He mixed up #2 and 2fa
|
|
#
?
Oct 8, 2023 03:59
|
|
|
Ravus Ursus posted:"if they want to install an app on my phone they'll have to pay my phone bill." Yes, why aren't you? The business office got so tired of my nonsense they issued a credit card for me.
|
|
#
?
Oct 8, 2023 04:02
|
|
|
Azuth0667 posted:Yes, why aren't you? The business office got so tired of my nonsense they issued a credit card for me. Using your Karen powers for good, nice.
|
|
#
?
Oct 8, 2023 04:32
|
|
|
Azuth0667 posted:They have those and tried to tell us we owe 50$ if anything happens to it so very low rate of adoption. One of my old cantankerous coworkers got one and flushed it down the toilet for reasons he's yet to explain. 
|
|
#
?
Oct 8, 2023 05:28
|
|
|
|
| # ? Jun 6, 2024 16:28 |
|
|
Pyrtanis posted:Content: I'm now working for a heavy equipment rental place in a very rural area. Some older guy in a full on cowboy outfit comes in, leers at me and cracks a gross joke, then looks at me and says: Sup fellow industrial goonette, it it time to take stewardship and lead the way in ball breaking yo momma jokes. ps. Ew that guy 
|
|
#
?
Oct 8, 2023 06:10
|
|
