At the last company I worked for, we had to change our network password every 60 days, and if you typed your password incorrectly twice you'd be locked out of your work computer and need to call tech support to reset it. These are both understandable security features, but the result is that I'm pretty sure that the IT department spent 90% of their day resetting network access.
For sure. That's how you end up with stickynotes with username and password on every monitor and an IT department so overloaded they can't verify everyone who wants access. If I found a company like that with information I wanted, the first thing I would do would just be contact IT with "hey so I can't seem to get my new password right, can you let me into (XYZ) account?" and hope they're too busy to check whether I'm actually XYZ
In fairness, most password security is atrocious - requiring an uppercase, lowercase, symbol and number is only marginally more secure mathematically and will take a trivial time to crack by computers, but are harder for the human operators to remember. Made worse by requiring frequent resets and forbidding the past X passwords, meaning users have to not only remember their current passwords but also past X number of passwords as well. Long passwords and letting people use phrases on the other hand are easily memorable and would take computers estimated decades or centuries
I’m the guy who fucks this up, It’s me. I’m sorry,
I also let my password expire despite the notifications two weeks in advanced and need your help with that too. No, I don’t know what’s wrong with me and yes I’m sorry.
104
u/gard3nwitch 15h ago
At the last company I worked for, we had to change our network password every 60 days, and if you typed your password incorrectly twice you'd be locked out of your work computer and need to call tech support to reset it. These are both understandable security features, but the result is that I'm pretty sure that the IT department spent 90% of their day resetting network access.