Need the opposite costume, the overly eager sys admin.
- wants to force password changes once a month for security
- constantly changing security policies to reflect the flavor of the month
- constantly sends out phishing emails tests, wonders why no one replies to any of his emails
Then do this to computer-shaped instrument controller systems that have accounts that can not have passwords changed or the application won’t run. Or service accounts, so if you pop in after 6 months, nobody knows the current password and the IT guy only comes in 2 hours/week. And that was yesterday. And no, no contact information present…
Sysadmin: “A clear indication of phishing email is the sense of urgency. We would never send out any email regarding urgent updates that needs immediate action.”
Also sysadmin: “URGENT!!! You must update your system now before Friday!!! Click link here for instructions! Otherwise you will be locked out!”
My fucking uni is trying to move to passwordless, but you will always need a password to log onto any lab device, and to the wifi, so why?
I mean you don’t actually need a password for that when it’s implemented the right way
A website once complained my password contained 3 consecutive letters there were 1 away from each other. This was back when I used sentences for passwords. It was complaining about the word worst because of r-s-t.
