This Blog Is Full Of Crap

Perhaps there should be a policy that a list of all accounts with the password "Password" will be posted weekly to a random hacker IRC channel.

Eric, I think that idea would be a problem for a lot of official corporations! The NHS in the UK for a start!

At least your email password isn't the same across the entire division per company policy.

"No, you can't change your password. We're sick of having to reset passwords for idiots that forgot theirs."

Ohhhhhhhhhkkaaaaaaaaaaay.

"No, you can't change your password. We're sick of having to reset passwords for idiots that forgot theirs."

That's actually a fantastic idea. It should be followed up with, "Furthermore, we simply won't require passwords for logon anymore. Therefore, you are no longer allowed to save your work. Hope you get it all done in one fell swoop!

Actually, we're just abolishing computers all together."

And all the IS people cheered and wept.

One place I worked for a while required a new 8 character alphanumeric every 30 days for network access. The result was lots of post-it notes reading "1111qqqq" and "qwertyu8" on people's monitors. I avoided this by using easy to remember stuff like "defec8er". Once you were into the network, the password for critical applications was "first initial, first seven letters of last name".

A while later, while contracting for a competitor, I stopped by the building to use the public restroom and cheap vending machine on the second floor. When, just for stuff and giggles I waved my new keycard, it produced a beep and green led from the sensor.

BTW, a local DJ I blogroll reported getting unrestricted access to a corporate WiFi which overpowered the McDonalds one in their parkinglot when, again just for amusement he tried login and password of "admin".

I still laugh at the person who had their password on their monitor, written with a post-it. Then they accused others of "hacking" their account.