rhubarb

I work for a large organization. No, not large, massive. Our IT department touts itself as the best there is. There are three levels of security, all developed in the 80's, for our main database. If you know about IBM security protocols developed in the 80's, you will know that the strongest security lies in the fact that the way you get into the program is so damn confusing and nonintuitive.

You finally arrive at a blank screen and you have to know what to type into it. However, if you're familiar with the protocols of the era, you can guess it pretty easily.

However, be that as it may, we personally have to develop passwords with more than 8 letters and numbers, containing at least one number, cannot begin or end with a number and cannot contain double letters or part of your name. Sheesh!

OK, I'm down with that. Have it conquered and memorized. No problem.

Today we were given a different list of our usernames and passwords for a new off-the-shelf software (which undoubtedly, like all the others before it, won't work to meet our needs).

My username is my job title followed by the number next to my name when we are listed in order (1, 2, 3, etc.) in the org chart. The password is just the job title without the number.

Any idiot could figure it out in 10 seconds or less. And this is their vaunted security? Give me strength....




	rhubarb Home Get Email Updates AUTOBIOGRAPHY Demented Diary Going Wodwo Crochet Lady Dan Gent Sue Woodstock ***Bloglines*** Sky Friday John Kindle Daily Deal Email Me Admin Password Remember Me 2411346 Curiosities served Share on Facebook				2010-02-05 10:38 AM Rant Previous Entry :: Next Entry Read/Post Comments (4) I work for a large organization. No, not large, massive. Our IT department touts itself as the best there is. There are three levels of security, all developed in the 80's, for our main database. If you know about IBM security protocols developed in the 80's, you will know that the strongest security lies in the fact that the way you get into the program is so damn confusing and nonintuitive. You finally arrive at a blank screen and you have to know what to type into it. However, if you're familiar with the protocols of the era, you can guess it pretty easily. However, be that as it may, we personally have to develop passwords with more than 8 letters and numbers, containing at least one number, cannot begin or end with a number and cannot contain double letters or part of your name. Sheesh! OK, I'm down with that. Have it conquered and memorized. No problem. Today we were given a different list of our usernames and passwords for a new off-the-shelf software (which undoubtedly, like all the others before it, won't work to meet our needs). My username is my job title followed by the number next to my name when we are listed in order (1, 2, 3, etc.) in the org chart. The password is just the job title without the number. Any idiot could figure it out in 10 seconds or less. And this is their vaunted security? Give me strength.... Read/Post Comments (4) Previous Entry :: Next Entry Back to Top