I can't believe people fall for this. But apparently they do.

Gromett · Apr 13, 2019

So I am posting this as a warning..

The rules on password security are extremely simple.
1) If someone asks you for your password in full either verbally, phone, text, email or any other way then refuse. Do not capitulate no matter how nice, convincing or authoritative they are.
2) If you are asked to enter a password on a website ensure that there is a green padlock in the URL/address bar.
3) Never click on a link to a page that requires a password (from email for example). ALWAYS use a bookmark.

Ask me about rule 3 if you don't understand what I mean.

ShiftZZ · Apr 13, 2019

Many years ago, if you forgot your password you had to fill in a form, hand it to IT and they would reset it, trear off the bottom part of the form and add a new temp password, left in a box for you to pick up... ALL IN THE OPEN, no envelope...

I turned up, most unhappy, ANYONE could take the bit of paper...

So, I complaned, NO they were not going to change the system.... They should have known better...

Next day, I turned up, took a reset password form, used it, processed a loan application for £10k in the name of the Head of IT for that department, revoked the password, sat back and waited..

Two days later the Head of IT stormed into my office, his wife had opened the letter offering him £10k for a holiday, he denied everthing, he claimed that I had done the deed... My reply was simple enough "You know that, I know that, prove it"

He tried his hardest, he failed, I had even used his own terminal to process the application...

Next day the whole password reset system was changed...

Theonlysue · Apr 13, 2019

Working at a large institution, mtboss wanted my password to access systems that he didn't have access to.
I refused nicely, but he was really miffed about it.

DuxDeluxe · Apr 13, 2019

It never ceases to amaze me how dumb people can be with passwords and looking after them

Gromett · Apr 13, 2019

ShiftZZ said:
Many years ago, if you forgot your password you had to fill in a form, hand it to IT and they would reset it, trear off the bottom part of the form and add a new temp password, left in a box for you to pick up... ALL IN THE OPEN, no envelope...

I turned up, most unhappy, ANYONE could take the bit of paper...

So, I complaned, NO they were not going to change the system.... They should have known better...

Next day, I turned up, took a reset password form, used it, processed a loan application for £10k in the name of the Head of IT for that department, revoked the password, sat back and waited..

Two days later the Head of IT stormed into my office, his wife had opened the letter offering him £10k for a holiday, he denied everthing, he claimed that I had done the deed... My reply was simple enough "You know that, I know that, prove it"

He tried his hardest, he failed, I had even used his own terminal to process the application...

Next day the whole password reset system was changed...

Nice One. Sometime those that know how to do stuff have to teach those who manage those who know how to do stuff how it actually works

Gromett · Apr 13, 2019

Theonlysue said:
Working at a large institution, mtboss wanted my password to access systems that he didn't have access to.
I refused nicely, but he was really miffed about it.

Tough sh&t and well done Sue..

ShiftZZ · Apr 13, 2019

Gromett said:
Nice One. Sometime those that know how to do stuff have to teach those who manage those who know how to do stuff how it actually works

I was walking down the office and I saw two IT techies and the Manager standing around a PC, they looked confused, I asked them what was the problem, they replied that the PC was not connecting to the server. Hmmmm, I suggested that the solution may well be simpler than they thought!
They looked at me as if to say "You're Fraud, we are IT, so FO"
That soon changed when I pointed out that the ethernet cable RJ45 wasnt plugged in...
They were not impressed..

Shifty Wins Again...

rangi · Apr 13, 2019

Gromett said:
2) If you are asked to enter a password on a website ensure that there is a green padlock in the URL/address bar.

AHA!! caught you out!! how come this forum only has a BLACK padlock?

pappajohn · Apr 13, 2019

AHA!! caught you out!! how come this forum only has a BLACK padlock? :gum:

Cos your screen is monochrome.

Gromett · Apr 13, 2019

rangitira said:
AHA!! caught you out!! how come this forum only has a BLACK padlock?

Ah you are correct. In Chrome the padlock is indeed black these days. I was in firefox when I wrote the above.

I think therefore you should just look for a padlock irrespective of colour. This is what a secure page looks like in firefox and chrome.
Firefox.

Chrome.

However, on insecure pages it will look like this.
Firefox.

Chrome

So basically in firefox look for green padlock and you are good.
In Chrome you are good unless you see "Not secure".

I can't believe people fall for this. But apparently they do.

Gromett

ShiftZZ

Theonlysue

DuxDeluxe

Gromett

^{_{Subscribers do not see these advertisements}}

Gromett

ShiftZZ

rangi

pappajohn

Gromett

^{_{Subscribers do not see these advertisements}}

Latest journal entries

Italy Sept 2023

The Land of Guinness 2023

West coast France, Dordogne and back