Page 1 of 1
The OpenBSD Crowd are a bunch of masturbating monkeys....
Posted: Wed Jul 16, 2008 8:29 pm
by Kamikazee
Posted: Thu Jul 17, 2008 5:50 pm
by spud
hurray! you win at nerd!!! 
I pretty much agree tho, some of the pure fucking idiocy that gets passed off as IT security makes me want to shit. Wait until you work for a decent sized company mate and prepare to marvel at the vigorous retardation and spectacular stupidity that goes unchallenged in the name of security.
Posted: Thu Jul 17, 2008 8:32 pm
by disgracian
I can attest, to some small degree, to that. I've only spent a couple of weeks there, but the tie I have to wear is definitely not the only thing giving me that suffocating feeling.
Posted: Thu Jul 17, 2008 8:53 pm
by spud
the one thing that annoys me mightily are those shitheads who have bought into the idea that forcing people to create a password of minimum length 8 that must contain at least one number and one upper case letter. Not so bad on it's own but to then go and force users to change it once a month and not allowing it to be the same as their previous 5 passwords? Stupid. The net result of that security policy? Users write their password down on a post it and stick it to their monitor. Real secure dipshit. Especially useless in an internal facing server with no net connection.
Posted: Thu Jul 17, 2008 9:17 pm
by jof
Posted: Fri Jul 18, 2008 9:28 am
by disgracian
Posted: Fri Jul 18, 2008 5:20 pm
by spud
yeah Dis, leet is a guaranteed strong password, but try explaining it to a 50 year old secretary :'(
Keyboard is the first place you look if it's not stuck on the monitor. I used to sit next to a guy who would draw little rebuses of his passwords and stick them on his monitor.
Posted: Fri Aug 01, 2008 11:24 am
by Leone
One method I saw was a little device you carry around that spits out a new 8 digit key every 60 secs. You then add your own 4 digit PIN at the start to give you a 12 digit password that changes every minute. Pretty neat (unless you lose it....even then there's no corporate marking on it).
Posted: Fri Aug 01, 2008 4:48 pm
by spud
at work we have accesslink cards, they look like calculators with no operator keys. To login you put a 4 digit key into it and it spits out a 6 digit "password". This is something I have no issue with since the 4 digit key never changes (well never forces a change, you can change it if you like). It's reasonably secure since the card is useless by itself and it requires both a login ID and the 4 digit key before it can log you on.