|
The Fool posted:Passwords are objectively bad Only if they make sense
|
![]() |
|
![]()
|
# ? Jun 10, 2024 16:26 |
|
We have some garbage called TruU and I hate it
|
![]() |
|
Silly Newbie posted:I'm exclusively stateside and none of that applies. It's also worth pointing out that "PIN" in current MS-speak is just "password". I have no idea why they decided to do that, but they have. What you are actually proposing is Good and Proper and I salute you.
|
![]() |
|
Arquinsiel posted:It's also worth pointing out that "PIN" in current MS-speak is just "password". I have no idea why they decided to do that, but they have. The PIN doesn’t go beyond the on-device TPM, supposedly.
|
![]() |
|
AAAAA! Real Muenster posted:Its amazing how people that a deathly afraid of confronting people with bad news end up as managers. gently caress Jeff and his boss. Managers who are like this want power, not responsibility.
|
![]() |
|
Powerful Two-Hander posted:I never know how many people this meme ever makes sense to or even where it came from but: Was preparing to post it until I saw this, so at least one other person.
|
![]() |
|
Quackles posted:The PIN doesn’t go beyond the on-device TPM, supposedly. Yeah Both PIN and biometrics unlock the same certificate store local to the device, which then enables the device to use a certificate to authenticate with aad.
|
![]() |
|
Arquinsiel posted:Incorrect! GDPR applies to EU citizens, not EU territories! the EU has made their decision, now let them enforce it
|
![]() |
|
Arquinsiel posted:Incorrect! GDPR applies to EU citizens, not EU territories! We don't have any of those, and it's my understanding that the GDPR does not protect EU citizens living in non-EU areas. It's still something I bring up every time some bright person in leadership suggests expanding into an EU country like it's as simple as setting up shop in a new US state. And thank you, it's part of my mission to Federate loving Everything. I don't want people messing around with 15 different passwords, just tell it your email address and press button on phone.
|
![]() |
|
SerthVarnee posted:No disability? Since when did you get cured of epilepsy? You know what I did think about putting that on there but changed my mind at the last minute! I didn't want to lean too hard into the visible/ invisible bit until I'd had a chance to actually meet them, of course now I know I should have so that I could have demonstrated how I filled it in much better than they did and thus am officially "the most diverse person in this room by default". e: I am saving a "excuse me!" when someone says "brainstorm" for a special occasion.
|
![]() |
|
Quackles posted:The PIN doesn’t go beyond the on-device TPM, supposedly. Silly Newbie posted:We don't have any of those, and it's my understanding that the GDPR does not protect EU citizens living in non-EU areas. It's still something I bring up every time some bright person in leadership suggests expanding into an EU country like it's as simple as setting up shop in a new US state. ![]()
|
![]() |
|
Spikes32 posted:Lol the hubby works at ericcson in R&D. I'll ask him if he's heard anything about it from folks on the corporate/service side. Supposedly it was specific to att software running on ericcson equipment. Thought around the office is it was some sort of attack, but they haven't heard any specifics from att at all.
|
![]() |
|
Arquinsiel posted:Yeah but it confuses people who are used to "PIN" meaning a four digit number for their debit card. PINs are 4 or 6 digit numbers by default. They are also categorically not you password, if you try to login to say MS365 on the web with your PIN in the password field it ain't gonna work.
|
![]() |
|
On my work laptop when I signed in the first time Windows had me make a “PIN” which is just a password. It’s not my SSO password as it only unlocks the Lock Screen but it’s a password in all but name cause it needs letters and poo poo. I’ve had to rotate it and I’m on hunter6 now or whatever. Incrementing the number works. E: I have a Jeffrey on my project too. How old is everyone’s Jeff? I’m wondering if it’s like a common generational name. The Jeff I work with threw me under the bus because I couldn’t read his mind and anticipate what he wanted vs what he said. Straight up said something like "Yeah I talked with Boris and told him I wanted x and y, so I’m not sure why he doesn’t have it on time" in a meeting. My guy you said you wanted z asap. You literally said right here in this teams message if I could focus on z because you needed it asap for this meeting today where you implied that I was slacking off to the rest of the team. “Oh well z implies x and y.” ?????? Boris Galerkin fucked around with this message at 05:02 on Feb 23, 2024 |
![]() |
|
~Coxy posted:PINs are 4 or 6 digit numbers by default. ![]()
|
![]() |
|
thats on you for setting your account password and pin to the same thing
|
![]() |
|
Boris Galerkin posted:
He's in his late 50's, I think? Definitely got boomer brain, even if he wasn't strictly born in that generational timeframe
|
![]() |
|
So if I'm following it correctly, a PIN in this context is a string of characters that is checked locally and used to allow/deny access to computer and network functions, while a password is... a string of characters that is checked... non-locally and used to allow/deny access to computer and network functions? Or, a PIN is explicitly only accepted in combination with multiple factor authentication while a password doesn't necessarily require that? Or...? I'm having trouble with the meaningful distinction here. This isn't some gotcha, I'm actually unfamiliar with the terms and situation.
|
![]() |
|
Atopian posted:So if I'm following it correctly, a PIN in this context is a string of characters that is checked locally and used to allow/deny access to computer and network functions, while a password is... a string of characters that is checked... non-locally and used to allow/deny access to computer and network functions? It’s confusing as gently caress because for 100% of the world pin is a 4 digit number you use alongside your bank card or to unlock your phone or whatever. But Microsoft has decided to call a password a PIN that is for a specific device: https://support.microsoft.com/en-us...ef-1324f2114b19 quote:A PIN is a set of numbers, or a combination of letters and numbers, that you choose yourself. Using a PIN is a quick, secure way to sign in to your Windows device. Your PIN is securely stored on your device. But like, it’s literally just the password you enter on the lock screen of every windows computer ever. You know, your account password. EXCEPT it’s not your account password, because for business computers your account password is usually some SSO password that lets you sign into O365.
|
![]() |
|
in the context of windows "passwordless" implementation a "device pin" is a string of letters and numbers that can be used to unlock the device that it is configured on the pin and/or biometric is then used to unlock a certificate store that id used to authenticate you with network resources this combined with mfa from the ms authenticator app and a robust sso implementation is supposed to eliminate the need for the use of account passwords
|
![]() |
|
Boris Galerkin posted:
it's only the same on every device if you make it the same the whole point is that it is a single device only secret
|
![]() |
|
and yes ms and it departments everywhere are poo poo at communicating the concept
|
![]() |
|
Ah, OK, thanks. "Password tied to physical device rather than account" makes sense. Not always different but can be.
|
![]() |
|
lol the “report phishing” button on my outlook just seems to sit and spin so I ended up just deleting the obvious phishing attempt, probably IT trying to entrap me yet again but I am too clever for them!! (At this company, last company IT got me with the old “time to select your laptop upgrade!” Fake IT email, bastards know my weakness)
|
![]() |
|
10 back to back meetings totalling 5 hours on a Friday afternoon ![]() Boris Galerkin posted:It’s confusing as gently caress because for 100% of the world pin is a 4 digit number you use alongside your bank card or to unlock your phone or whatever. The PIN is a short unlock/identity check. Corporate machines would not use it because it is "insecure" as it is by design, short. But for home use it saves entering an entire account password if you've enabled account logins on the machine i.e. on boot my desktop wants it to authenticate me instead of entering my 20 character passphrase. It can also be called by applications e.g. one of the Keepass apps uses it to Auth you when taking a password out, I guess as a "you left your vault unlocked and someone copied out your password" protection. PIN itself has a basic meaning, it's used all over the place as an unlock key so that by itself is, imo, completely clear. Android calls your unlock numeric 6 digit code a PIN as well. e: like don't get me wrong, Microsoft is getting progressively more poo poo about UX and documentation and basically everything involving user interaction, I think "set an unlock PIN" is pretty clear? Clearer than "you need to update your family security policies (if you want to change them you might not)" message it showed me the other day about my home 365 account. Powerful Two-Hander fucked around with this message at 10:51 on Feb 23, 2024 |
![]() |
|
bee posted:He's in his late 50's, I think? Definitely got boomer brain, even if he wasn't strictly born in that generational timeframe Oh, I think the Jeff I work with is in his 20s, maybe 25ish. Anyway, I declined my first useless meeting with him today. He’s probably going to be super upset but the meeting is a MWF 9am that lasts for an hour. He wants the entire team on the call to give status updates. This should take 10 minutes, but then he uses the time to dig in. So I’m sitting there for an hour listening to people talk about poo poo I don’t know about or care about. People joke about meetings having pre-meetings and this 9-10 is exactly that: it’s his prep time for another meeting at 11am with a stakeholder. So I sit through a 9-10, and then at 11-12 I sit through the exact same thing again. He gives his updates and then hands off to me to give my updates. So I have to give the exact same update twice. I was ok with sitting through the 9-10 half paying attention but I’m super duper salty that he called me out for doing exactly what he asked for and not anticipating that his ask implied other things in addition. Boris Galerkin fucked around with this message at 13:14 on Feb 23, 2024 |
![]() |
|
The Fool posted:it's only the same on every device if you make it the same
|
![]() |
|
The Jeff I work with is rad as hell. Be jealous, h8ers
|
![]() |
|
Renegret posted:The Jeff I work with is rad as hell. yea im pro jeff
|
![]() |
|
How do we feel about Geoffs?
|
![]() |
|
Only Microsoft could come up with a "Passwordless" security solution that creates unsynched local accounts on all your devices and makes you create a password for each of them.
|
![]() |
|
the account itself is still synced, and the pin was intended as a fallback for when biometrics weren't available
|
![]() |
|
priznat posted:lol the “report phishing” button on my outlook just seems to sit and spin so I ended up just deleting the obvious phishing attempt, probably IT trying to entrap me yet again but I am too clever for them!! (At this company, last company IT got me with the old “time to select your laptop upgrade!” Fake IT email, bastards know my weakness) The phishing exercises get a lot easier when you realize that they have tacitly agreed to let you send any bullshit email you don't like into their Phishing Queue by virtue of them sending out the exercises
|
![]() |
|
It’s Friday and that means it’s nautical themed Friday! Every Friday for the last eight years I’ve worn one of my nautical themed shirts to work because I’m weird and I have like eight of them. It started as a rebellion to Hawaiian shirt Fridays another coworker was trying to start many jobs ago. I didn’t think anyone cared but when I stopped wearing them at one point a couple jobs ago people got upset so I kept up this tradition. I suppose I’m also glad I’ve worked in environments where no one cared that much about what I was wearing. Anyway happy Friday Also the Jeff I worked with a couple jobs ago was cool enough, he was my manager before getting promoted to the cybersecurity team
|
![]() |
|
Powerful Two-Hander posted:Corporate machines would not use it Oh, that's where you're very, very wrong.
|
![]() |
|
SpartanIvy posted:How do we feel about Geoffs? Somewhat inversely, more tolerable the more stereotypically old money they look and act. The chunkier the glasses and cozier the cardigan, the better.
|
![]() |
|
SpartanIvy posted:How do we feel about Geoffs? AAAAA! Real Muenster posted:gently caress Geoff. The Geoff on my team is actually pretty cool, but can get a little talkative
|
![]() |
|
gently caress all Jeffs but Geoff I guess
|
![]() |
|
Trabant posted:Oh, that's where you're very, very wrong. Ok let me change that to "should not". I mean, if you care about the data.
|
![]() |
|
![]()
|
# ? Jun 10, 2024 16:26 |
|
Powerful Two-Hander posted:Ok let me change that to "should not". This is also wrong
|
![]() |