
Thread: Yet another website wrecked....

  1. #31
    Join Date
    25th June 2012 - 11:56
    Bike
    Daelim VL250 Daystar
    Location
    Pyongyang
    Posts
    2,489
    Quote Originally Posted by Gremlin View Post

    However, if you can't type your password correctly and keep getting locked out,...
    I don't get this BS where IT dept says you have to change your password every 30 days. If someone knows your login ID and CAN hack/guess your password after 30 days, surely after a while they get better and do it in less than 30 days....
    It gets to the point that you've used so many easy to remember passwords that you default to the bare minimum criteria and actually make it easier for any potential hackers...
    You don't hear locksmiths saying hey you need to rekey your car or house every 30 days, somebody might have been trying to pick your lock and they're getting close to cutting a master key for your house.....
    Govt gives you nothing because it creates nothing - Javier Milei

  2. #32
    Join Date
    31st March 2005 - 02:18
    Bike
    CB919, 1090R, R1200GSA
    Location
    East Aucks
    Posts
    10,425
    Blog Entries
    140
    Depends on dept, personally I don't agree with rolling passwords for many of the reasons you point out. Often the password is written on a Post-it and stuck on the monitor. However, for some ISO standards etc, as part of a company gaining the accreditation, there are specific requirements, including passwords having an age. Locking out the account after too many incorrect attempts certainly has value, as it slows down any attempt to crack.

    As for the locksmith/key analogy, well, they can only attempt access when standing in front of your house and giving it a crack. Your network account is often open 24/7 to the world (how else do you get your emails on your mobile - access is a double edged sword).

    You'd only have to monitor firewalls (part of what I do) to see the massive attempts at trying to gain access. Eastern bloc and China/Asia are the most common sources. It's easy when things go well to underestimate security, but you'll realise that when it's too late.
    Quote Originally Posted by Jane Omorogbe from UK MSN on the KTM990SM
    It's barking mad and if it doesn't turn you into a complete loon within half an hour of cocking a leg over the lofty 875mm seat height, I'll eat my Arai.

  3. #33
    Join Date
    7th January 2014 - 14:45
    Bike
    Not a Hayabusa anymore
    Location
    Not Gulf Harbour Either
    Posts
    1,460
    Quote Originally Posted by R650R View Post
    I don't get this BS where IT dept says you have to change your password every 30 days. If someone knows your login ID and CAN hack/guess your password after 30 days, surely after a while they get better and do it in less than 30 days....
    It gets to the point that you've used so many easy to remember passwords that you default to the bare minimum criteria and actually make it easier for any potential hackers...
    You don't hear locksmiths saying hey you need to rekey your car or house every 30 days, somebody might have been trying to pick your lock and they're getting close to cutting a master key for your house.....
    Assume I've got your password, and you don't change it (because no user changes their password unless you force them to) - I've got access to everything you have access to, until it changes.

    If I'm smart - you won't ever know I've got access to your account.

    Furthermore - if I'm really smart, I'll use your account to glean information about your corporate network in order to compromise a more privileged account in order to REALLY fuck with your shit.

    So yes - it's actually really important you change passwords to a schedule.

    If it's too difficult to remember - use a Password Vault (like LastPass or similar)

    Put it this way - in a week, we probably deal with up to 50 Compromised Websites and one of the biggest attack vectors is weak passwords that haven't been changed in a while.

    And as for picking a lock - when you can pick thousands of locks simultaneously from the comfort of your own home.....

    /sysadmin Rant.
    Physics; Thou art a cruel, heartless Bitch-of-a-Mistress

  4. #34
    Join Date
    21st December 2006 - 14:36
    Bike
    Mine
    Location
    Here
    Posts
    3,966
    Quote Originally Posted by Akzle View Post
    you know there are alternatives, right?
    Normally I'd agree with you but when you're talking corporate policy there are none. Can't even turn off automatic updates on Windows.
    "Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin (1706-90)

    "I would rather be exposed to the inconveniences attending too much liberty than those attending too small a degree of it." - Thomas Jefferson (1743-1826)

    "Motorcycling is not inherently dangerous. It is, however, EXTREMELY unforgiving of inattention, ignorance, incompetence and stupidity!" - Anonymous

    "Live to Ride, Ride to Live"

  5. #35
    Join Date
    31st March 2005 - 02:18
    Bike
    CB919, 1090R, R1200GSA
    Location
    East Aucks
    Posts
    10,425
    Blog Entries
    140
    Quote Originally Posted by TheDemonLord View Post
    Furthermore - if I'm really smart, I'll use your account to glean information about your corporate network in order to compromise a more privileged account in order to REALLY fuck with your shit.
    How about an owner with weak password that insisted on being a domain admin as it was their network...

    Then they opened a crypto variant...

  6. #36
    Join Date
    6th May 2012 - 10:41
    Bike
    invisibike
    Location
    pulling a sick mono
    Posts
    6,057
    Blog Entries
    4
    Quote Originally Posted by TheDemonLord View Post
    .....

    /sysadmin Rant.
    baahahahahahahahaa... you.

    IT head does not a sysadmin make.

  7. #37
    Join Date
    6th May 2012 - 10:41
    Bike
    invisibike
    Location
    pulling a sick mono
    Posts
    6,057
    Blog Entries
    4
    Quote Originally Posted by swbarnett View Post
    Normally I'd agree with you but when you're talking corporate policy there are none. Can't even turn off automatic updates on Windows.
    then you're in the wrong corporate.

  8. #38
    Join Date
    21st December 2006 - 14:36
    Bike
    Mine
    Location
    Here
    Posts
    3,966
    Quote Originally Posted by Akzle View Post
    then you're in the wrong corporate.
    OS policy is not the only factor when choosing an employer.

  9. #39
    Join Date
    6th May 2012 - 10:41
    Bike
    invisibike
    Location
    pulling a sick mono
    Posts
    6,057
    Blog Entries
    4
    Quote Originally Posted by cassina View Post
    I think
    you've repeatedly proven you don't

  10. #40
    Join Date
    6th May 2012 - 10:41
    Bike
    invisibike
    Location
    pulling a sick mono
    Posts
    6,057
    Blog Entries
    4
    Quote Originally Posted by R650R View Post
    I don't get this BS where IT dept says you have to change your password every 30 days. If someone knows your login ID and CAN hack/guess your password after 30 days, surely after a while they get better and do it in less than 30 days....
    It gets to the point that you've used so many easy to remember passwords that you default to the bare minimum criteria and actually make it easier for any potential hackers...
    You don't hear locksmiths saying hey you need to rekey your car or house every 30 days, somebody might have been trying to pick your lock and they're getting close to cutting a master key for your house.....
    batterystaplehorse bro

  11. #41
    Join Date
    6th May 2012 - 10:41
    Bike
    invisibike
    Location
    pulling a sick mono
    Posts
    6,057
    Blog Entries
    4
    Quote Originally Posted by swbarnett View Post
    OS policy is not the only factor when choosing an employer.
    yeah but which fkn muppet running the network allows every single node to whore bandwidth downloading the same shit X times???


    and to be fair, if the company has an os policy (or >3 computers) it's likely not on my list of choices

  12. #42
    Join Date
    7th January 2014 - 14:45
    Bike
    Not a Hayabusa anymore
    Location
    Not Gulf Harbour Either
    Posts
    1,460
    Quote Originally Posted by Gremlin View Post
    How about an owner with weak password that insisted on being a domain admin as it was their network...

    Then they opened a crypto variant...
    I would laugh, but it cuts a little too close to home....

  13. #43
    Join Date
    8th January 2005 - 15:05
    Bike
    Triumph Speed Triple
    Location
    New Plymouth
    Posts
    10,080
    Blog Entries
    1
    Quote Originally Posted by Ocean1 View Post
    I lost three days rebuilding my main work machine after a routine W10 update wrecked it.

    Microsoft. Arseholes, to a man.
    Wot ever are you doing using that stuff?
    There is a grey blur, and a green blur. I try to stay on the grey one. - Joey Dunlop

  14. #44
    Join Date
    8th January 2005 - 15:05
    Bike
    Triumph Speed Triple
    Location
    New Plymouth
    Posts
    10,080
    Blog Entries
    1
    Quote Originally Posted by Akzle View Post
    batterystaplehorse bro
    Staple?

  15. #45
    Join Date
    21st December 2006 - 14:36
    Bike
    Mine
    Location
    Here
    Posts
    3,966
    Quote Originally Posted by Akzle View Post
    yeah but which fkn muppet running the network allows every single node to whore bandwidth downloading the same shit X times???
    No one here. Downloaded once then distributed.

    Quote Originally Posted by Akzle View Post
    and to be fair, if the company has an os policy (or >3 computers) it's likely not on my list of choices
    I understand the sentiment but this is kind of hard in my line of work.
