994

"why would i change my passwords?" (pawb.social)

submitted 11 months ago by tibor@pawb.social to c/programmerhumor@lemmy.ml

52 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] AnonymousLlama@kbin.social 80 points 11 months ago* (last edited 11 months ago)

Need the opposite costume, the overly eager sys admin.

wants to force password changes once a month for security
constantly changing security policies to reflect the flavor of the month
constantly sends out phishing emails tests, wonders why no one replies to any of his emails

[-] RarePossum@programming.dev 19 points 11 months ago

My fucking uni is trying to move to passwordless, but you will always need a password to log onto any lab device, and to the wifi, so why?

[-] newIdentity@sh.itjust.works 8 points 11 months ago

I mean you don't actually need a password for that when it's implemented the right way

[-] metaStatic@kbin.social 16 points 11 months ago* (last edited 11 months ago)

...implemented the right way

see

...you will always need a password

[-] idunnololz@lemmy.world 17 points 11 months ago* (last edited 11 months ago)

A website once complained my password contained 3 consecutive letters there were 1 away from each other. This was back when I used sentences for passwords. It was complaining about the word worst because of r-s-t.

[-] TheSaneWriter@lemmy.thesanewriter.com 11 points 11 months ago

That's wack. Passphrases are second only to random passwords generated by a password generator in terms of security, character proximity doesn't matter with that much length.

[-] weariedfae@lemmy.world 2 points 11 months ago

Jesus fuck

[-] Pyrux@programming.dev 10 points 11 months ago

Then they have you make it some 12 character length minimum string with mixed case and special characters and dictionary lookup so it isn't some common phrase but you're also logging in through a telnet instance onto a Unix system.

[-] MaxVerstappen@lemmy.world 8 points 11 months ago

As someone in the InfoSec field, I also hate those people.

[-] magic_lobster_party@kbin.social 5 points 11 months ago* (last edited 11 months ago)

Sysadmin: “A clear indication of phishing email is the sense of urgency. We would never send out any email regarding urgent updates that needs immediate action.”

Also sysadmin: “URGENT!!! You must update your system now before Friday!!! Click link here for instructions! Otherwise you will be locked out!”

[-] AnonymousLlama@kbin.social 3 points 11 months ago

Spot on. We're changing XYZ policy and we need everyone to do this training within the week. Wait, why's no one opening my emails

[-] tchotchony@mander.xyz 1 points 11 months ago

Then do this to computer-shaped instrument controller systems that have accounts that can not have passwords changed or the application won't run. Or service accounts, so if you pop in after 6 months, nobody knows the current password and the IT guy only comes in 2 hours/week. And that was yesterday. And no, no contact information present...

this post was submitted on 24 Jul 2023

994 points (98.3% liked)

Programmer Humor

31314 readers

26 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.

founded 4 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

cat_programmer@lemmy.ml