SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Are the posted questions getting worse?


Are the posted questions getting worse?

Author
Message
Sean Lange
Sean Lange
SSC Guru
SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)

Group: General Forum Members
Points: 147940 Visits: 18567
Grant Fritchey - Friday, January 12, 2018 1:24 PM
Ed Wagner - Friday, January 12, 2018 11:44 AM
drew.allen - Friday, January 12, 2018 10:21 AM
Crazy
I had to reset my windows password today and kept having troubles. It turns out that the 12-character password that I had entered was TOO LONG. REALLY!?! 12 characters is too long for a password?

Drew

Now that's just sad. In today's environment, I can't believe a system would have a limit that low. Granted, everything has some sort of limit, but 12 characters seems miserly by anyone's standards.


I had trouble logging into a web site recently. Finally got their tech support on the phone. Evidently my 15 character password was too much. Set it 12. Nope. Capitalized letters are a problem. What? Fine, whatever. Fixed that. Nope. Special characters? No we don't support those. Fine fixed that too. And finally... Nope. You can't use the letter x either.

12 characters or less, numbers and lower case letters only, but not the letter x.

I would love to have a chat with their data people and their developers. What the heck is wrong with the letter x?

Gosh that sounds like our payroll system. It does not allow any special characters....nothing other than [a-zA-Z0-9] except it MUST contain a single $, # or !. And it must be exactly 8 characters. No more or less. The rules are so stringent it is isn't even remotely secure. WTF????


_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Modens splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
Luis Cazares
Luis Cazares
SSC Guru
SSC Guru (95K reputation)SSC Guru (95K reputation)SSC Guru (95K reputation)SSC Guru (95K reputation)SSC Guru (95K reputation)SSC Guru (95K reputation)SSC Guru (95K reputation)SSC Guru (95K reputation)

Group: General Forum Members
Points: 95213 Visits: 21192
Sean Lange - Monday, January 15, 2018 10:00 AM

Gosh that sounds like our payroll system. It does not allow any special characters....nothing other than [a-zA-Z0-9] except it MUST contain a single $, # or !. And it must be exactly 8 characters. No more or less. The rules are so stringent it is isn't even remotely secure. WTF????


Sounds like the requirements from a bank for their online site. The only difference is that it should be only numbers and exactly 8 digits. I only had an account with them because it was a company policy to receive my paycheck, but I would never get any of their products.


Luis C.
General Disclaimer:
Are you seriously taking the advice and code from someone from the internet without testing it? Do you at least understand it? Or can it easily kill your server?


How to post data/code on a forum to get the best help: Option 1 / Option 2
Ed Wagner
Ed Wagner
SSC Guru
SSC Guru (156K reputation)SSC Guru (156K reputation)SSC Guru (156K reputation)SSC Guru (156K reputation)SSC Guru (156K reputation)SSC Guru (156K reputation)SSC Guru (156K reputation)SSC Guru (156K reputation)

Group: General Forum Members
Points: 156459 Visits: 11650
Luis Cazares - Tuesday, January 16, 2018 8:56 AM
Sean Lange - Monday, January 15, 2018 10:00 AM

Gosh that sounds like our payroll system. It does not allow any special characters....nothing other than [a-zA-Z0-9] except it MUST contain a single $, # or !. And it must be exactly 8 characters. No more or less. The rules are so stringent it is isn't even remotely secure. WTF????


Sounds like the requirements from a bank for their online site. The only difference is that it should be only numbers and exactly 8 digits. I only had an account with them because it was a company policy to receive my paycheck, but I would never get any of their products.

That's completely pathetic, especially for a bank. The company should be able to direct deposit to any bank. Sounds like it's time to get a new bank.



Tally Tables - Performance Personified
String Splitting with True Performance
Best practices on how to ask questions
Tom Thomson
Tom Thomson
SSC Guru
SSC Guru (50K reputation)SSC Guru (50K reputation)SSC Guru (50K reputation)SSC Guru (50K reputation)SSC Guru (50K reputation)SSC Guru (50K reputation)SSC Guru (50K reputation)SSC Guru (50K reputation)

Group: General Forum Members
Points: 50485 Visits: 13157
Ed Wagner - Tuesday, January 16, 2018 11:34 AM
Luis Cazares - Tuesday, January 16, 2018 8:56 AM
Sean Lange - Monday, January 15, 2018 10:00 AM

Gosh that sounds like our payroll system. It does not allow any special characters....nothing other than [a-zA-Z0-9] except it MUST contain a single $, # or !. And it must be exactly 8 characters. No more or less. The rules are so stringent it is isn't even remotely secure. WTF????


Sounds like the requirements from a bank for their online site. The only difference is that it should be only numbers and exactly 8 digits. I only had an account with them because it was a company policy to receive my paycheck, but I would never get any of their products.

That's completely pathetic, especially for a bank. The company should be able to direct deposit to any bank. Sounds like it's time to get a new bank.


I don't think a company in the UK could legally do that - the employee designates where his pay is deposited (subject to court orders, and maybe to regulations issued by the Inland Revenue Service), not the company.
As for security, yes I have an 8 digit account number. However, it doesn't help anyone hack into my account. To do that they need to have possession of my debit card, know my online scheme membership number, have a one-off password construction device programmed to match the security at the bank's end, and know my PIN for my debit card in order to get the device to construct a one-time password (it incorporates a card interface and requires pin input that the card verifies). I thought that similar leve lof security as operated now by all UK banks, and would be surprised to find poor online banking security anywhere in within the EU or indeed in India or Lebanon (don't know about the rest of the world, haven't spent enough time there).

Tom

Sergiy
Sergiy
SSC Guru
SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)

Group: General Forum Members
Points: 58953 Visits: 12964
Last year Aussies passed the law which makes it illegal for shops to accept credit card payments without a PIN.
Not sure when this legislation comes to power - this year or the next one.
RandomStream
RandomStream
Say Hey Kid
Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)Say Hey Kid (670 reputation)

Group: General Forum Members
Points: 670 Visits: 445
Sergiy - Tuesday, January 16, 2018 3:23 PM
Last year Aussies passed the law which makes it illegal for shops to accept credit card payments without a PIN. Not sure when this legislation comes to power - this year or the next one.

How do they expect shops to take credit card payment over the phone? What about shopping online? Isn't typing in the PIN online just as dangerous?
Sergiy
Sergiy
SSC Guru
SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)SSC Guru (58K reputation)

Group: General Forum Members
Points: 58953 Visits: 12964
Online shopping leaves number of traces.
Which can be used in police investigation in case of a fraud.

In Australia till now a stranger could enter a shop, present probably stolen or lost credit card and leave the shop packed to the rafters with no security checks in the process.
Except for the signature, which nobody verifies too thourouly.

Life is quite relaxed over there.
Jeff Moden
Jeff Moden
SSC Guru
SSC Guru (505K reputation)SSC Guru (505K reputation)SSC Guru (505K reputation)SSC Guru (505K reputation)SSC Guru (505K reputation)SSC Guru (505K reputation)SSC Guru (505K reputation)SSC Guru (505K reputation)

Group: General Forum Members
Points: 505531 Visits: 44253
Sergiy - Tuesday, January 16, 2018 7:48 PM
Online shopping leaves number of traces.Which can be used in police investigation in case of a fraud.In Australia till now a stranger could enter a shop, present probably stolen or lost credit card and leave the shop packed to the rafters with no security checks in the process. Except for the signature, which nobody verifies too thourouly.Life is quite relaxed over there.


I'll say. I used to work for a company that used feeds from DoubleClick.Net. It's amazing that they can trace from the time that you see an ad, through all of the clicks you made to get to the purchase site, the clicks you made on the purchase site, and what your purchase eventually was. It's actually one of the keys to prove that screen ads worked and what the cost of the ad and the payment to the site the ad was carried by should be.

--Jeff Moden

RBAR is pronounced ree-bar and is a Modenism for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column.
If you think its expensive to hire a professional to do the job, wait until you hire an amateur. -- Red Adair

Helpful Links:
How to post code problems
How to post performance problems
Forum FAQs
Sean Lange
Sean Lange
SSC Guru
SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)SSC Guru (147K reputation)

Group: General Forum Members
Points: 147940 Visits: 18567
Jeff Moden - Wednesday, January 17, 2018 6:50 AM
Sergiy - Tuesday, January 16, 2018 7:48 PM
Online shopping leaves number of traces.Which can be used in police investigation in case of a fraud.In Australia till now a stranger could enter a shop, present probably stolen or lost credit card and leave the shop packed to the rafters with no security checks in the process. Except for the signature, which nobody verifies too thourouly.Life is quite relaxed over there.


I'll say. I used to work for a company that used feeds from DoubleClick.Net. It's amazing that they can trace from the time that you see an ad, through all of the clicks you made to get to the purchase site, the clicks you made on the purchase site, and what your purchase eventually was. It's actually one of the keys to prove that screen ads worked and what the cost of the ad and the payment to the site the ad was carried by should be.


Google adwords works much the same. We use it quite extensively at our work. It is scary. We pay some money to show up in the ad section for certain keywords and they can track it all the way through the completed transaction. Truly amazing but it does require us to have some code in place on our side of things to help feed the data.

_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Modens splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
jasona.work
jasona.work
SSC-Insane
SSC-Insane (23K reputation)SSC-Insane (23K reputation)SSC-Insane (23K reputation)SSC-Insane (23K reputation)SSC-Insane (23K reputation)SSC-Insane (23K reputation)SSC-Insane (23K reputation)SSC-Insane (23K reputation)

Group: General Forum Members
Points: 23843 Visits: 14142
I find it amusing that someone responded to a topic (that I'd replied to and hopefully answered the OPs question) with a link to a topic on basically the same thing that I started 4 years ago...

Not knocking the second respondent, just find it amusing (and yes, I'd completely forgotten about my 4 year old, answered, topic...)
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum








































































































































































SQLServerCentral


Search