My employer just recently implemented 2-factor authentication. It took me 18 text messages and over 3 hours to get everything working again, and I'll get to do it monthly. I'm campaigning now for a job number to charge for the time it takes to change my password. It takes 4 text messages to get back into my laptop, Skype, Teams and the corporate intranet, 2 each for the 5 servers I'm responsible for, and another 4 to get my phone authorized. And the passwords have to be 9+ characters, at least 1 number, at least one upper case letter, at least one lower case letter and at least one special character, no more than 2 of any character in a row, and can't match any of your 12 previous passwords. I guess it's just one of the hazards of working for a multinational company based in Europe; my previous employer was pretty much at the other end of the spectrum - the CEO's user id and password were both "chris".
RDM Jr wrote: ... get to do it monthly ... and can't match any of your 12 previous passwords ...
Those two requirements are so common that they have a very easy fix that I have been using for over 20 years ... Include the first 3 chars of the month name. It is not perfect, but when one does not use machines at weekends or whilst on holiday, the 31 day months are compensated by extra no-work days.
|
|
|
|
|
That's exactly why they made it your previous 12 passwords, so that when January rolls around you can't go back to your previous January one, etc. I suppose you could do something like YYmmm for a prefix or suffix.
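
The two rotation schemes from the posts above, run against the policy listed in the first post, as an added example that is not part of the thread. `BASE` is a constructed sample value, and the history check is modelled as exact matching over the last 12 accepted passwords (an assumption about how such a rule is enforced).

```python
import os
import re
from collections import deque

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
HISTORY_DEPTH = 12            # "can't match any of your 12 previous passwords"
BASE = "Correct-Horse9"       # constructed sample secret, not from the thread

RULES = [                     # composition rules as listed in the first post
    ("length",  lambda p: len(p) >= 9),
    ("digit",   lambda p: re.search(r"\d", p)),
    ("upper",   lambda p: re.search(r"[A-Z]", p)),
    ("lower",   lambda p: re.search(r"[a-z]", p)),
    ("special", lambda p: re.search(r"[^A-Za-z0-9]", p)),
    ("run",     lambda p: not re.search(r"(.)\1\1", p)),  # max 2 in a row
]

def policy_violations(pw):
    """Names of the rules that pw breaks (empty list means compliant)."""
    return [name for name, ok in RULES if not ok(pw)]

def simulate(scheme, months=14, start_year=2023):
    """Rotate monthly with scheme(year, mon); return (label, pw, accepted) rows."""
    history = deque(maxlen=HISTORY_DEPTH)   # assumption: exact-match history only
    rows = []
    for i in range(months):
        year, mon = start_year + i // 12, MONTHS[i % 12]
        pw = scheme(year, mon)
        accepted = not policy_violations(pw) and pw not in history
        if accepted:
            history.append(pw)
        rows.append((f"{year}-{mon}", pw, accepted))
    return rows

def mmm(year, mon):      # the month-name suffix from the thread
    return f"{BASE}{mon}"

def yymmm(year, mon):    # the YYmmm variant suggested in the reply
    return f"{BASE}{year % 100:02d}{mon}"

def rejected(rows):
    return [label for label, _, ok in rows if not ok]

def shared_prefix(rows):
    """Number of leading characters identical across all accepted passwords."""
    return len(os.path.commonprefix([pw for _, pw, ok in rows if ok]))

if __name__ == "__main__":
    for scheme in (mmm, yymmm):
        rows = simulate(scheme)
        print(scheme.__name__, "rejected:", rejected(rows), "fixed prefix:", shared_prefix(rows))
```

The 12-deep history stops the plain month suffix at the thirteenth change, while the YYmmm variant passes every rotation even though only the last few characters ever differ.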
You will need 2 post-its to remember it.
I'd rather be phishing!
No !! Passphrases are muuuuuch better than any of these BS requirements. Correct horse battery stables !!
My passwords are actually all capitals with minimum 24 chars and non-dictionary words. Good luck to beat this with a complicated 8 char with capital and symbol.
Ours does not prohibit various characters but it prohibits words found in their directory. I find that very annoying because most of my passwords involve my opinion of this policy.
What bugs me most about the whole thing is the frequency of changing passwords - currently every three months or four times per year. I am OK with strong passwords but if the password is so strong why should we have to change it so often? I think that is counter-productive and only serves to increase potential risk.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
Agreed.
Social Media - A platform that makes it easier for the crazies to find each other.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
Rick York wrote: What bugs me most about the whole thing is the frequency of changing passwords - currently every three months or four times per year.
We had to change it every 6 weeks during almost a year in a previous company... eventually a top manager had problems and then we went to once every 6 months.
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
While I dislike frequent pw changes, from a corporate point of view, it presents some "window" in which they know that stolen or lost passwords will become useless.
It was only in wine that he laid down no limit for himself, but he did not allow himself to be confused by it.
― Confucian Analects: Rules of Confucius about his food
I can understand that and kind of agree too, but 6 weeks... when there are workers that don't come to the office for periods bigger than that because they are working abroad... that's silly.
We had the issue that soon after the change to the 6-week policy, a colleague was on holiday and then on the first day of work went directly to the airport for a project in the U.S.A. First day there, he logs in (no notice about the password because he is offline), at a certain point during the day opens the VPN and retrieves emails (no notice about needing a new password because Windows only checks at initialization of the session), then switches off the VPN again...
Next day: He can't log in (offline) because Windows complains about the expiration of the password, he can't log in with other credentials because the AD server is not reachable without VPN (and without logging in first), he can't log in with a local user because company policy didn't allow any local users.
Conclusion: the company had to send him a new laptop by post where the password was changed by another co-worker so he could log in and continue working. Luckily the encryption done by our IT was not that good and he could bypass it and get all the needed information for the project and current software versions by unmounting the SSD and connecting it with a USB case.
In the end he had to stay 1.5 weeks longer to recover the lost time and there were over 7000€ additional costs.
We were laughing for weeks and he was mad at IT for months.
I had a similar situation too, but in my case it was only 25 km away, so I just drove to the company, changed my password and wrote a rant email to my boss and the central IT (but I still was magnitudes nicer than the other guy)
M.D.V.
8 Characters? Easy... SnowWhiteAndTheSevenDwarves
Nostromo (7 crew-critters + the ALIEN)
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
And yourself would make 9.
Do sick boats go to the dock?
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
No, but criminal boats do.
Only if they're caught hiding boaties in the lake.
I thought they went to the sick bay???
"Go forth into the source" - Neal Morse
"Hope is contagious"
I'm sitting on the dock of the bay...
- I would love to change the world, but they won’t give me the source code.
Watchin' the tide roll away...
Software Zen: delete this;
From what I sea, one of today's best: + ;
Ravings en masse^
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
Maybe, unless they are scared of Bones.
No. The sunk costs are too high.
It depends upon just what sails them in order to avoid stern penalties (oar so I heard).