|
I don't work in IT, I'm a user, but this might be amusing to some of you: my company (which is the largest in its field in the US) recently decided to make us change our passwords occasionally. Actually I think it was already technically a rule, they only just bothered to start enforcing it. That's a good thing, the funny part is that they didn't bother to announce it. After they got enough complaints from people who couldn't log in, they sent out an email with a link to the password-reset page, which would be dandy if we could, y'know, get in to read it. Our manager eventually took a screenshot of said email and texted it to us on our cellphones. When I finally got to the password-reset page, it didn't mention that it had a length requirement until it loaded a separate page saying "your attempt failed," that didn't have the boxes to try again, so I had to click the link at the top to go back to the original page to try again. They did get all this done in a day and a half, but I think it could have been implemented better -- tell us it's going to happen beforehand, tell us what the requirements for the new password are on the "enter old aand new passwords" page, have the spaces for trying again on the "it needs to be more secure, dumbass" page, &c.. (also, the too-short one I tried was plenty secure, 8 characters including letters, one capitalized, and numbers.) Chillbro Baggins fucked around with this message at 17:15 on Nov 10, 2018 |
# ? Nov 10, 2018 17:12 |
|
|
# ? May 6, 2024 15:51 |
|
Chillbro Baggins posted:I don't work in IT, I'm a user, but this might be amusing to some of you: my company (which is the largest in its field in the US) recently decided to make us change our passwords occasionally. Actually I think it was already technically a rule, they only just bothered to start enforcing it. Poorly implemented on your IT departments side, should have communicated better, and i would have done it in phases to test it and reduce the load on the helpdesk. but an 8 character password is not secure no matter how many special characters you use. It can be brute forced in minutes.
|
# ? Nov 10, 2018 19:49 |
|
I mean, it shouldn’t be able to be brute forces in minutes if your system has an appropriate lockout after like 3 failed attempts Not that I’m totally disagreeing with you
|
# ? Nov 10, 2018 20:01 |
|
RFC2324 posted:but an 8 character password is not secure no matter how many special characters you use. It can be brute forced in minutes. Fair play. Levitate posted:your system has an appropriate lockout after like 3 failed attempts It does. It's more than three, but not THAT much more.
|
# ? Nov 11, 2018 00:12 |
|
Levitate posted:I mean, it shouldn’t be able to be brute forces in minutes if your system has an appropriate lockout after like 3 failed attempts Also just important to never fully trust any single step. When some bug gets introduced to bypass lockout attempts someone’s going to be drinking and/or swearing.
|
# ? Nov 11, 2018 01:43 |
|
I'm went on record with my VP that I don't have enough work to do. I can't figure out if my immediate supervisor is just so slovenly that she can't deliver me tasks, or if she's playing some kind of 4D chess and trying to make me look bad.
|
# ? Nov 12, 2018 21:09 |
|
The Macaroni posted:I'm went on record with my VP that I don't have enough work to do. I can't figure out if my immediate supervisor is just so slovenly that she can't deliver me tasks, or if she's playing some kind of 4D chess and trying to make me look bad. I feel like no matter which way you go it seems like a bad idea. Alerting people to the fact you aren’t being utilized would seem like you are telling your employer that they don’t need you.
|
# ? Nov 12, 2018 22:14 |
Infosec added Firefox and Chrome to their list of things to update as part of mitigation.. Firefox and Chrome, products which generally update themselves whether you like it or not.
|
|
# ? Nov 13, 2018 00:52 |
|
skooma512 posted:Infosec added Firefox and Chrome to their list of things to update as part of mitigation.. Eh, technically turning off updating is incredibly trivial for both products. Seems like a good idea to add it to mitigation plans. Auto updating isn't always super reliable.
|
# ? Nov 13, 2018 01:07 |
|
Yeah, actually verifying the auto update is working as intended is a good idea.
|
# ? Nov 13, 2018 01:38 |
|
The Fool posted:Yeah, actually verifying the auto update is working as intended is a good idea. And to expand upon that, turning off auto updating could have a benefit if you totally discount the labor involved. For example if an update to either product showed to have an issue with software you currently use or somehow caused its own security issues. You would have to have a team constantly check/test new updates as well as deploy them though. I assume some orgs out there do that.
|
# ? Nov 13, 2018 02:00 |
|
Sickening posted:I feel like no matter which way you go it seems like a bad idea. Alerting people to the fact you aren’t being utilized would seem like you are telling your employer that they don’t need you.
|
# ? Nov 13, 2018 19:06 |
|
I haven't done anything with Windows clients for so long that today I managed to completely forget that group membership is only evaluated on logon. Wasted a good chunk of time wondering why removing an account from a group that was controlling access to a share wasn't having any effect.
|
# ? Nov 13, 2018 20:22 |
|
The Macaroni posted:Boss responded by giving me a stack of projects to do. Which I'm actually grateful for, don't get me wrong. Hopefully I get this all done in a timely way and manage to tell Big Boss "Huh, kinda funny that I didn't have anything to do until suddenly I did. Good thing I didn't have anything to do with that, right?" During a little bit of a lull in our work, I told my boss (who is a really chill guy) that maybe the three of us should apply for a second all remote technical job doing help desk or something that we can all job-share and split the salary three ways. I figure we weren't busy enough, and had the bandwidth for more tasks, might as well get paid for it. He did not think it was funny at all.
|
# ? Nov 13, 2018 20:58 |
|
Thanks Ants posted:I haven't done anything with Windows clients for so long that today I managed to completely forget that group membership is only evaluated on logon. Wasted a good chunk of time wondering why removing an account from a group that was controlling access to a share wasn't having any effect. You can wait for the Kerberos token to refresh (30 days ). I know there's a command to purge the entire local token list. I believe it's klist if I remember correctly. Windows does not expect this so it wont ask the DC for a new token automatically (you'll get permission denied on absolutely everything). What you want after purging is to shift right click any exe and select runas and type in the domain\USER of the logged in user and their password. This will cause it to authenticate against the DC since it doesn't have a local token. It will now be updated. It feels really hacky to do, I haven't done it in forever since people should be rebooting more often anyway. It does come in handy when you really can't log someone off and log them back in though. (think C-level with 1,000,000 things open)
|
# ? Nov 13, 2018 21:08 |
|
pixaal posted:You can wait for the Kerberos token to refresh (30 days ). This is a really cool trick.
|
# ? Nov 13, 2018 21:19 |
|
klist just lists your tokens, I'm thinking kdestroy is the command you're after. But I've never worked with kerberos under windows, just unix based systems.
|
# ? Nov 13, 2018 21:23 |
|
I think it's "klist purge" that allows you to select individual tickets to delete, then follow the above suggestion to grab a new one.
|
# ? Nov 13, 2018 21:29 |
|
People who use snowflake characters in usernames. Alternately: Having to account for people who use snowflake characters in usernames and having to create strange rules and regex strings to escape them out. Chuckleheads who use ANSI strings can rot in an especially damp, dark cell somewhere.
|
# ? Nov 14, 2018 00:57 |
|
Agrikk posted:People who use snowflake characters in usernames. If my username can't have an eggplant emoji in it I don't even want to use your service
|
# ? Nov 14, 2018 01:09 |
|
Thanks Ants posted:Are you using Direct Routing? Teams won’t match incoming calls to contacts stored in the GAL which made us shelve the project until they sorted it. Yeah, we're on Direct routing. Haven't had any complaints for unmatched contacts yet from our test group. I'll do some testing tomorrow. Are these external contacts in the GAL or members of your organization?
|
# ? Nov 14, 2018 05:17 |
|
Firewall changes at work making everything slow. Also weirdly formatted code seeming not touched since 2005.
|
# ? Nov 14, 2018 06:26 |
|
DigitalMocking posted:Yeah, we're on Direct routing. It was company staff calling into my Teams number from their mobile, the number was stored in the GAL in the correct format. It wouldn't match against my personal (Exchange) contacts either. The latest from Microsoft was that it was expected behaviour and they were working on it as a feature update, but their support told me that, said it was in the roadmap, then closed the ticket when I asked them to highlight it on the actual roadmap presentation because I couldn't see any reference to it.
|
# ? Nov 14, 2018 10:17 |
|
poo poo that doesn’t piss me off anymore, express updates for 2016 are finally available again, so patching a server doesn’t take a loving hour+!
|
# ? Nov 14, 2018 21:26 |
|
It drives me absolutely nuts how many people in my organization think it's OK to open an IM conversation with "Hi <name>" or some variant of such and then take for loving ever to say anything of substance even after I respond. Like seriously what the gently caress is going on here, why don't people just type the entire message and then send it or at least not go AFK right as they're trying to start a conversation? Manager did it to me just now: M: Hi <name> (5 seconds pass) me: Hi <manager>, what's up? (5 minutes pass, no response) Are they too busy to talk but wanted to try? Do they just have fun breaking my train of thought while I'm working on something else? What does this accomplish? Does it make sense to anyone else? It's like calling someone and putting them on hold as soon as they pick up the phone, as I see it. Eletriarnation fucked around with this message at 22:53 on Nov 14, 2018 |
# ? Nov 14, 2018 22:48 |
|
I think it's even worse when: <person>: people talk <person>: like this <person>: in instant messages <person>: This is infuriating <person>: and I am triggered just typing <person>: this poo poo out.
|
# ? Nov 14, 2018 22:58 |
|
Eletriarnation posted:It drives me absolutely nuts how many people in my organization think it's OK to open an IM conversation with "Hi <name>" or some variant of such and then take for loving ever to say anything of substance even after I respond. Sometimes they're engaged in like 3-4 different conversations and the other ones have a higher interrupt priority.
|
# ? Nov 14, 2018 23:01 |
|
Whenever somebody opens a Slack convo with a greeting and then a vague statement about baseball I know they're about to ask me for something the explicitly know I'm not allowed to/can't do.
|
# ? Nov 14, 2018 23:02 |
|
baquerd posted:Sometimes they're engaged in like 3-4 different conversations and the other ones have a higher interrupt priority. I guess, but what's the point of starting the conversation before they're actually able to participate in it? Feels rude to demand someone else's attention when you have none of your own to give them, personally. It's been 30 minutes now and the guy still hasn't responded; it's past 5pm local and now I'm wondering at what point I can log off and leave him hanging without appearing impolite myself.
|
# ? Nov 14, 2018 23:09 |
|
Eletriarnation posted:I guess, but what's the point of starting the conversation before they're actually able to participate in it? Feels rude to demand someone else's attention when you have none of your own to give them, personally. Yeah, it pisses me off too when it happens, and more than a couple minutes is just really bad planning or playing power games.
|
# ? Nov 14, 2018 23:11 |
|
Eletriarnation posted:I guess, but what's the point of starting the conversation before they're actually able to participate in it? Feels rude to demand someone else's attention when you have none of your own to give them, personally. However ago 5pm was
|
# ? Nov 14, 2018 23:11 |
|
Eletriarnation posted:It drives me absolutely nuts how many people in my organization think it's OK to open an IM conversation with "Hi <name>" or some variant of such and then take for loving ever to say anything of substance even after I respond. How about this: <coworker>: Ping I've started just ignoring those.
|
# ? Nov 14, 2018 23:26 |
|
Fortunately I haven't encountered that variant yet - I'd probably feel compelled to ignore it too. Maybe I should give my team a presentation on the status indicator, pitching it with "so now you don't have to send people an IM just to make sure they're there! Amazing!"
|
# ? Nov 14, 2018 23:35 |
|
I'm probably a bad person, because I have always treated IMs like short emails. But at least I don't do the "Hey X," then wait for a response. It's always "Hey X - Could you give me some help with A?" and if they don't get right back to me, sometimes it's awhile before I get back to them.
|
# ? Nov 15, 2018 00:27 |
|
captkirk posted:How about this: The appropriate response is “Pong”
|
# ? Nov 15, 2018 00:34 |
|
The appropriate response is “Packets: Sent = 1, Received = 0, Lost = 1 (100% loss)”
|
# ? Nov 15, 2018 00:38 |
|
Weedle posted:The appropriate response is “Packets: Sent = 1, Received = 0, Lost = 1 (100% loss)” I'm a fan of this.
|
# ? Nov 15, 2018 00:40 |
|
Thanatosian posted:I'm probably a bad person, because I have always treated IMs like short emails. It sounds exactly like what I want people to do. I certainly don't mind anyone leading off with a salutation, but when that's all that they say I can't act on whatever they really want until they move on to something more. If they're actually responsive it's not a big deal but when you give me the salutation and then go AFK leaving me wondering why I got interrupted that's when I get annoyed. This is doubly true for people in different shifts who see me still logged in past midnight my time, for some reason think "he's actually there" instead of "he forgot to log out before going to sleep" and send me a "Hi <name>" for me to see and ponder on when I wake up. Eletriarnation fucked around with this message at 01:53 on Nov 15, 2018 |
# ? Nov 15, 2018 01:50 |
|
ratbert90 posted:I think it's even worse when: This is me but also on IRC
|
# ? Nov 15, 2018 02:06 |
|
|
# ? May 6, 2024 15:51 |
|
I don't mind the you know fragmented typing all that much except when I'm on mobile. I get it, you're on a keyboard, there's no real difference for you. I'm on a phone and things will be much easier if the entire message arrives at once and also jesus christ I'm on a phone give me a second to respond
|
# ? Nov 15, 2018 03:15 |