[Cialug] Password Resets
Todd Walton
tdwalton at gmail.com
Thu Jun 24 14:43:03 UTC 2021
No matter how hard a person tries, he or she is never going to escape
*users*... they're always there... lurking around the next corner... ready
to launch upon the unsuspecting IT person such offenses as "the password
reset". Let's call my attacker Phil.
An IM transcript:
14:46 Phil: That password "password" is not working
14:47 Phil: Wait. It worked!
14:49 Phil: tried every differnet combination and no luck
14:51 Me: Every different combination of what?
14:51 Me: Your password worked? Or didn't work?
14:52 Phil: password
Phil, that isn't even English syntax. You gotta help me out, buddy. I
literally set your password to "password" and told you that's what it was.
All you gotta do is type "password". You could even cut and paste the
actual word into the password field.
I like the customer support aspect of my job. I like creating satisfied
customers. I know it's a little dorky, but I cheered when Tron said "I
fight for the user!" But people like Phil really test the limits. I spent
an hour on this password reset. I'm not help desk. Resetting passwords
isn't my primary reason for being employed. Oy, the literal headache.
--
Todd
More information about the Cialug
mailing list