The Glade 4.0

"Turn the lights down, the party just got wilder."
It is currently Sun Nov 24, 2024 3:45 am

All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 60 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
 Post subject: Re: Re:
PostPosted: Fri Aug 23, 2013 12:32 am 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
Arathain Kelvar wrote:
All you are really doing here is explaining why people hate IT. They are underfunded so don't have adequate time to properly service the caller, IT folks are cave-trolls who hate people, etc.


We may be cave trolls, but who do you have to call to reset your goddamn password?

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 23, 2013 10:43 am 
Offline
Commence Primary Ignition
User avatar

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
Maybe it has something to do with being asked to input an old password that you're not supposed to write down every so often, as specified in the OP, or when you have to have multiple passwords for multiple systems that have different requirements that you're also not supposed to write down and also have to be changed at different intervals.

Not that this is the fault of the IT people, but it's not the fault of the person needing help, either. Yeah, ok, people call up sometimes asking dumb questions. Get over it. Everyone says dumb **** from time to time. It's not because IT people are smart and the world around them is stupid. Shuyung illustrated the problem earlier; password requirements are silly and create this sort of problem. Most people can't even remember a phone number without writing it down or saving it in their phone.

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


Top
 Profile  
Reply with quote  
 Post subject: Re: Re:
PostPosted: Fri Aug 23, 2013 11:33 am 
Offline
User avatar

Joined: Fri Sep 25, 2009 8:22 pm
Posts: 5716
Müs wrote:
Arathain Kelvar wrote:
All you are really doing here is explaining why people hate IT. They are underfunded so don't have adequate time to properly service the caller, IT folks are cave-trolls who hate people, etc.


We may be cave trolls, but who do you have to call to reset your goddamn password?


All I'm saying is step out of the cave and stop hating people. Or not.

It generally seems to be a mutual disdain, which I get.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Aug 23, 2013 11:44 am 
Offline

Joined: Wed Sep 02, 2009 10:49 pm
Posts: 3455
Location: St. Louis, MO
Two-factor authentication. We've solved this problem, people need to get on board.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject: Re: Re:
PostPosted: Fri Aug 23, 2013 5:07 pm 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
Arathain Kelvar wrote:
Müs wrote:
Arathain Kelvar wrote:
All you are really doing here is explaining why people hate IT. They are underfunded so don't have adequate time to properly service the caller, IT folks are cave-trolls who hate people, etc.


We may be cave trolls, but who do you have to call to reset your goddamn password?


All I'm saying is step out of the cave and stop hating people. Or not.

It generally seems to be a mutual disdain, which I get.



I'll stop hating people when they stop being willfully ignorant, self-entitled, cockbags.

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 23, 2013 7:56 pm 
Offline
Commence Primary Ignition
User avatar

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
I don't really see that needing a password reset because some jackwagon decided that you need to remember your old password, or because the system decided your "activity pattern" changed really falls under "entitlement", especially when you need it to do your work.

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Fri Aug 23, 2013 7:57 pm 
Offline
Commence Primary Ignition
User avatar

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
shuyung wrote:
Two-factor authentication. We've solved this problem, people need to get on board.


If this is the thing you were talking about in the cartoon earlier, that is awesome. Why no one seems to do that is beyond me.

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


Top
 Profile  
Reply with quote  
 Post subject: Re: Re:
PostPosted: Fri Aug 23, 2013 8:12 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Diamondeye wrote:
shuyung wrote:
Two-factor authentication. We've solved this problem, people need to get on board.


If this is the thing you were talking about in the cartoon earlier, that is awesome. Why no one seems to do that is beyond me.

It's not. The thing in the XKCD comic is simply an observation on password strength.

Passwords are still only one authentication factor, no matter how strong they are.

I'm really rather surprised that you're not familiar with 2-factor authentication. I would have thought that it's in common use, if not required, in our military.

Two-factor authentication combines two different types of authentication to help mitigate the risk of any one factor being compromised. The most common implementations of two-factor authentication are cards or dongles issued to individuals plus their password. WoW keychain/phone authenticators are an example.

The easy way to remember authentication types are: Something you have, Something you are, and Something you know.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject: Re: Re:
PostPosted: Fri Aug 23, 2013 8:21 pm 
Offline
Commence Primary Ignition
User avatar

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
Kaffis Mark V wrote:
Diamondeye wrote:
shuyung wrote:
Two-factor authentication. We've solved this problem, people need to get on board.


If this is the thing you were talking about in the cartoon earlier, that is awesome. Why no one seems to do that is beyond me.

It's not. The thing in the XKCD comic is simply an observation on password strength.

Passwords are still only one authentication factor, no matter how strong they are.

I'm really rather surprised that you're not familiar with 2-factor authentication. I would have thought that it's in common use, if not required, in our military.

Two-factor authentication combines two different types of authentication to help mitigate the risk of any one factor being compromised. The most common implementations of two-factor authentication are cards or dongles issued to individuals plus their password. WoW keychain/phone authenticators are an example.

The easy way to remember authentication types are: Something you have, Something you are, and Something you know.


Ahh, ok. I guess I did know that, it just didn't "click" for some reason. I thought the 4-word password thing was so cool, I guess I just fixated on that.

In that case, yes it actually is in use. You have your ID card which has a chip on it. Then, you put it in a computer slot and type in a PIN. You could even think of it as 3-factor since you have to have a computer with the right kind of slot and the software to make the card work too. It can be installed on a home computer too, which is really handy. My unit administrator can prepare forms I need to sign, e-mail them to me, and then I digitally sign and send them back. It saves me a 45-minute drive to the unit, and her a lot of time.

The card reader itself is a pain, though. You either have to be issued one or special order it; They don't sell them in office supply stores last I checked (and I did actually look for one at one point, because the first one I was issued had all the instructions in German.)

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 23, 2013 8:51 pm 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
Diamondeye wrote:
I don't really see that needing a password reset because some jackwagon decided that you need to remember your old password, or because the system decided your "activity pattern" changed really falls under "entitlement", especially when you need it to do your work.


Its the behavior when requesting the password reset that determines the entitlement, not the need for the reset in and of itself.

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 23, 2013 9:08 pm 
Offline
Commence Primary Ignition
User avatar

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
Müs wrote:
Diamondeye wrote:
I don't really see that needing a password reset because some jackwagon decided that you need to remember your old password, or because the system decided your "activity pattern" changed really falls under "entitlement", especially when you need it to do your work.


Its the behavior when requesting the password reset that determines the entitlement, not the need for the reset in and of itself.


I think you're confusing "douchebag" with "entitled".

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Aug 23, 2013 9:27 pm 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
It can be both.;)

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
PostPosted: Sat Aug 24, 2013 11:31 am 
Offline

Joined: Sat Oct 24, 2009 5:44 pm
Posts: 2315
People get annoyed when the IT person forces them to waste time on stuff like "reboot the computer" and "check the connections" despite the fact that the password reset problem is by far the most common thing people from our department call them about combined with the fact that they have the ability to quickly check if the account is locked. If the account is locked, you're going to have to fix that anyways even if **** isn't plugged in. Why can't we do this first and then go to rebooting the computer if that doesn't solve the problem? Instead, you're just reading items off a list without any respect for the guy on the other side. At the very least, you could check the account status while my computer is rebooting, but the vast majority of the time they won't even do that, we have to get through all the time-wasting before they'll deign to actually do it.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Aug 24, 2013 7:57 pm 
Offline
Rihannsu Commander

Joined: Thu Sep 03, 2009 9:31 am
Posts: 4709
Location: Cincinnati OH
maybe they're punishing you for forgetting your password all the $#%#$ time. Given the burst of the IT bubble, you probably have CCNAs etc, making about 1/5th of what they used to, manning the help desk, and they're having to babysit a bunch of overpaid dilettantes who can't be troubled to manage their own passwords.


Top
 Profile  
Reply with quote  
PostPosted: Sun Aug 25, 2013 8:23 pm 
Offline
pbp Hack
User avatar

Joined: Wed Sep 02, 2009 8:45 pm
Posts: 7585
As I've said before, the polar opposite of security is accessibility. The more secure you make something, the harder it is to get at, even for those you want to have it. Why don't I have sixteen locks on my front door? Because it's more of a pain in my butt to unlock and re-lock them every day than my situation warrants. I don't recall what you do, but odds are you have access to financials and other sensitive customer information on your network and if your company were to have an issue, it would severely hurt their (and by extension your) bottom line. As a result the IT powers that be have decided (right or wrong) on more security and less accessibility than you would like.

The other thing I learned in my school IT days, was the nicer I was to other departments, and the better I served them, the better they were when I needed something from them. I don't know if IT ever needs anything from your department, but if you are good to them, they will remember it down the road. Conversely, if you are seen as a "Problem Child" (rightly or wrongly), word gets around and it reflects the service you receive.

_________________
I prefer to think of them as "Fighting evil in another dimension"


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Aug 27, 2013 12:47 am 
Offline
Lean, Mean, Googling Machine
User avatar

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
Keepass
Lastpass

Can we all just agree to quit ***** about remembering passwords now?

I don't even know what any of my passwords are...

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Tue Aug 27, 2013 9:00 am 
Offline

Joined: Sat Oct 24, 2009 5:44 pm
Posts: 2315
Stathol wrote:
Keepass
Lastpass

Can we all just agree to quit ***** about remembering passwords now?

I don't even know what any of my passwords are...


Heh, I would probably be fired immediately if I were to install anything on any of these computers without getting authorization in advance. Even opening internet explorer and visiting a non-intranet website would probably get me in trouble.

When the computers have access to medical records, someone in IT gives the go ahead to be as hardcore and obstructive as possible. We recently had an incident where two lab assistants installed Pandora on one of the computers to listen to music. They said that their manager said they could do it, their manager insisted they were asking him about listening to regular radio, not internet radio. Corporate's response when they couldn't figure out the truth? Just fire all three of them. In a rare case of a union actually doing something constructive, the lab assistants' union basically said, "This is bullshit, you're not firing them." They kept their jobs, the manager was still fired. I'm not in a union, so I'd have no protection.


Top
 Profile  
Reply with quote  
PostPosted: Tue Aug 27, 2013 9:11 am 
Offline
Commence Primary Ignition
User avatar

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
My suggestion, BTW is to just ignore that idiots saying don't write it down, and write the damn password down. How are they going to know? Do they search your wallet when you come in?

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Aug 27, 2013 9:16 am 
Offline

Joined: Sat Oct 24, 2009 5:44 pm
Posts: 2315
Oh, I definitely write them down. Well, I keep them in my phone. Most others write them down too. It just baffles me how someone can sit down and write up requirements that they have to know will never be followed.


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Tue Aug 27, 2013 10:23 am 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Xequecal wrote:
Oh, I definitely write them down. Well, I keep them in my phone. Most others write them down too. It just baffles me how someone can sit down and write up requirements that they have to know will never be followed.

It's so that, when your written down password results in an information breach, they and their superiors don't get their asses handed to them in court by the victims. You're the one who violated policy.

As for IT giving the "go ahead to be as hardcore and obstructive as possible"... I guarantee it's HIPAA you get to thank for that, rather than overzealous sadists in IT. Honestly, I'm rather amazed that a lab computer could even access Pandora through the firewall.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Aug 28, 2013 10:17 am 
Offline
Peanut Gallery
User avatar

Joined: Thu Nov 26, 2009 9:40 pm
Posts: 2289
Location: Bat Country
I have to dispute XKCD in this case. If we recommended words in that nature, while amusing, the brute force tools would just be programmed to do the dictionary part first. Some tools are quite sophisticated. The increasing power of PCs, makes passwords a poor security safeguard regardless. It's still a best practice.

Even the 2-factor isn't foolproof. No security is. The CACs have already been broken. If someone wanted to get into your network and they had the know how, they'd do it from a hotel just off base. We make it hard enough that not just any script-kiddy can download a tool box and break in. The rest rely on detection tools and good management.

I'm glad they are hardcore about peoples medical info security. YMMV.

Unfortunately, some folks just don't have the people skills needed to talk to users/customers. They don't speak the same professional language as us, so you have to work out what is really going on. A lot of the AF guys don't know enough about... anything to know what questions to ask. :psyduck:

_________________
"...the line dividing good and evil cuts through the heart of every human being. And who is willing to destroy a piece of his own heart?" -Aleksandr Solzhenitsyn


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Wed Aug 28, 2013 5:22 pm 
Offline
adorabalicious
User avatar

Joined: Thu Sep 03, 2009 10:54 am
Posts: 5094
IT isn't a cost center btw.

_________________
"...but there exists also in the human heart a depraved taste for equality, which impels the weak to attempt to lower the powerful to their own level and reduces men to prefer equality in slavery to inequality with freedom." - De Tocqueville


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Sat Aug 31, 2013 1:14 am 
Offline
The Game Master.
User avatar

Joined: Wed Sep 02, 2009 10:01 pm
Posts: 3729
Elmarnieh wrote:
IT isn't a cost center btw.


Sure it is. Does it generate revenue? No. So it's a cost center. There are only two types of units in the organizational breakdown I'm talking about: cost centers and revenue centers.

_________________
“The duty of a patriot is to protect his country from its government.” - Thomas Paine


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Sep 01, 2013 9:18 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 11:05 am
Posts: 1111
Location: Phoenix
So if an IT project increases productivity of workers by 15% which results in $10 million additional revenue, are they a cost center or revenue?


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Sep 01, 2013 9:33 pm 
Offline
I got nothin.
User avatar

Joined: Thu Sep 03, 2009 7:15 pm
Posts: 11160
Location: Arafys, AKA El Müso Guapo!
They're always a cost center. IT does not produce revenue directly.

_________________
Image
Holy shitsnacks!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 60 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 143 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group