Swim Bike Run
Slowtwitch.com
  • Login >
Slowtwitch.com
Search menu
Hot Forum Topics

Poll

Comfort While Cycling
How much does comfort while cycling influence your overall race performance?
View Results


Home > Forum > Lavender Room > Stoopid Windows

Lavender Room

Back To ForumPrint Thread

Login required to started new threads

Login required to post replies

Tri
Classifieds
Lavender
Jobs
Notices
Stoopid Windows
Quote | Reply
HalfSpeed
Apr 14, 05 14:29
Post #1 of 11 (1187 views)
Pardon me, I'm just venting.
Our IT department implemented strong passwords on our PCs about a year ago. Strong passwords include upper and lower-case letters, numbers and symbols (parens, slashes, brackets, etc.). The password must be changed every 45 days. You enter the password everytime you fire up the computer.
I've been attempting to change my password for the past week with every reminder the computer gave me. It won't accept my new password, giving me only a message, "You password cannot be updated at this time." Today is the final day. I suppose if I don't get a password loaded, I don't have to use the damn computer anymore. I call one of our IT guys, he asks if I'm using a strong password. I say 'yes'. He emphasizes the strong password details. One that stands out that I've never used before is it must include a lower-case letter. I've never used a lower-case letter in the past. This must be a new, unannounced addition. So I create a new password with a lower-case letter and it accepts.
Why do I only get a message stating my password cannot be updated at this time rather than one that might say, 'Strong password protection is implemented on this computer. A strong password requires you use....'? But, it's Windows, right? And, in order to keep IT departments bloated and people employed, Microsoft continues to do things stoopid.

Vent over... moving over to the other side of my desk to do work on my Mac.
Proud member of FISHTWITCH: doing a bit more than fish exercise now.
Quote Reply
Re: Stoopid Windows [HalfSpeed] [ In reply to ]
Quote | Reply
Shad
Apr 15, 05 6:18
Post #2 of 11 (1152 views)
Your IT department is either lazy or stupid or both. You can customize all the return messages, I did it for all of our servers because I got tired of talking to pissed off people like you, those little messages freed up a lot of time for ass-sitting.
Quote Reply
Re: Stoopid Windows [HalfSpeed] [ In reply to ]
Quote | Reply
klehner
Apr 15, 05 6:26
Post #3 of 11 (1148 views)
Having just completed a project for a can't-be-named end customer, I can tell you that the less information the system gives a user about the password requirements, the more secure the system is. The system should not give you any hints about what you may have gotten right or wrong. It shouldn't even let you know if the user name is correct and the password is wrong, for instance. By telling you that your password must include an upper case letter, a lower case letter, punctuation, a special character, etc., you've given information to a potential hacker that makes his/her job a bit easier.

Yes, it's a hassle for the legitimate user, and probably the greater security threat is that users will write down their impossible-to-remember passwords where they can be stolen.

Welcome to the real world.
----------------------------------
"Go yell at an M&M"
Quote Reply
Re: Stoopid Windows [klehner] [ In reply to ]
Quote | Reply
HalfSpeed
Apr 15, 05 8:12
Post #4 of 11 (1134 views)
makes sense, thanks. Yup, I keep my password written down because it's too hard to remember and it only lasts 45 days before I have to change it. At the least, the message should just say, 'password not accepted'. The 'at this time' indicates to me that the system is down and I should try again, later.

There's got to be a better way. Biometrics, RFID implants, whatever. Hey, if we all get RFID implants, we won't need to wear a chip around our ankle in races, right?
Proud member of FISHTWITCH: doing a bit more than fish exercise now.
Quote Reply
Re: Stoopid Windows [HalfSpeed] [ In reply to ]
Quote | Reply
5280
Apr 15, 05 9:05
Post #5 of 11 (1128 views)
"I keep my password written down because it's too hard to remember"

LA LA LA LA LA (fingers in ears) I can't hear you:) How may charecters does it have to be? It can't be that hard. How many do they remember before you can repeat?

Try making a phrase and and taking the first letter from each word.

My dog Gryphon is 6 = MdGi6
Quote Reply
Re: Stoopid Windows [5280] [ In reply to ]
Quote | Reply
MattinSF
Apr 15, 05 9:52
Post #6 of 11 (1119 views)
Password requirements have become so convoluted that they are now counter productive. I have stickies all over my monitor with the 36 passwords I need just to get through the day...half of which need to be changed every couple of months.

Its freakin ridiculous.
----------------------------------------------------------
"A society is defined not only by what it creates, but by what it refuses to destroy."
John Sawhill
Quote Reply
Re: Stoopid Windows [5280] [ In reply to ]
Quote | Reply
HalfSpeed
Apr 15, 05 10:05
Post #7 of 11 (1115 views)
Yeah yeah yeah you heard me.
It has to be eight characters and it remembers the previous six passwords.
I do have a theme to my password. It's the upper/lower case and non-alphanumeric characters that are hard to remember. So maybe a phrase like, "My dog Slash is 6 and he eats carets."= Md/i6ahe^. I only have three chances to enter it right, then it's a 24 hour wait, or a call to IT and they assign a new PW. Too many of those calls and I can find a new job.
Proud member of FISHTWITCH: doing a bit more than fish exercise now.
Quote Reply
Re: Stoopid Windows [HalfSpeed] [ In reply to ]
Quote | Reply
5280
Apr 15, 05 10:12
Post #8 of 11 (1112 views)
24 hour wait? That is militant. Do you work for a bank or hospital?
Quote Reply
Re: Stoopid Windows [MattinSF] [ In reply to ]
Quote | Reply
5280
Apr 15, 05 10:14
Post #9 of 11 (1109 views)
yeah, I agree, 36 is a bit over the top. Our users don't have near that many. Are those all for internal systems? If so, seems like they could streamline it a bit.
Quote Reply
Re: Stoopid Windows [5280] [ In reply to ]
Quote | Reply
HalfSpeed
Apr 15, 05 10:21
Post #10 of 11 (1108 views)
[reply]24 hour wait? That is militant. Do you work for a bank or hospital?[/reply]

No, we just have an overzealous IT Manager. Funny, though, even with all this password stuff and the security stuff they've put on the servers, a virus got into the user list server and most of us were unable to log in. It was traced to someone who fell prey to a phishing scheme. More protection software to be bought and shore up another hole.
Proud member of FISHTWITCH: doing a bit more than fish exercise now.
Quote Reply
Re: Stoopid Windows [klehner] [ In reply to ]
Quote | Reply
Shad
Apr 18, 05 6:10
Post #11 of 11 (1075 views)
I agree with you about password requirements in general. But, the return messages when changing the password can be relatively descriptive because to change a password the hacker would have already had to compromise it. Then it becomes an issue of knowing what IP your users log in from (if they use RAS) or what time they work (if they work from home or another site). I only have a handful of users on nights and usually have one or two at our facility in China so if any other user is on a 2 in the morning it is a huge red flag. And before you ask, yes, I just finished reading through the logs for the weekend (they don't call me a super geek for nothing).
Quote Reply
Back To ForumPrint Thread

Our Partners

transition-DOT-area-AT-slowtwitch-DOT-com

Advertise with us

©1999-2024 Slowtwitch, Inc., and Slowtwitch.com
Reproduction of material from any Slowtwitch.com page
without written permission is strictly prohibited.