July 26, 2012 at 9:17 am
Sean Lange (7/26/2012)
Stefan Krzywicki (7/26/2012)
Sean Lange (7/26/2012)
Stefan Krzywicki (7/26/2012)
Sean Lange (7/26/2012)
Here's a chuckle for you security types out there. I was trying reset my security questions today on the ADP site because apparently the available questions change from time to time and two of mine were no longer eligible. this meant I couldn't recover my password. I managed to get our HR department to reset my password. This of course meant I also had to change my security questions. So far this all sounds pretty typical. This is where I nearly peed myself.I chose to put in a response for "What is the first and last name of your father's father? (Paternal Grandfather)". I proceeded to type in his name. It immediately gave me a validation error that said "Security answer cannot contain the user's last name".
How many people don't share a last name with their PATERNAL grandfather? Only unmarried women, or those that chose not to take their husband's last name. And people wonder why we get some *$&#ing frustrated with website security. :w00t:
Just make the last name "You know, that guy"
It is amazing to me not only how poorly thought out much security is, but that even giant companies like Microsoft don't bother keeping up to date on what is thought to make a truly secure password.
I almost never have to login to the ADP site so it is always a challenge. I don't bother to add the password to my keyring because I use it so infrequently. I have been at this job for 4 years and this might be the second time since I started. I just needed to get my last two pay stubs for our refinance on the house. What a total PITA that was.
Next time I will not even try to unlock my password and just go straight to them and ask them to reset it for me. When all was said and done it turns out that passwords expire every so often. While that is great for security it sucks for very infrequent users.
It actually isn't great for security, partly for the reason you mention. Passwords are so prevalent in society today that many people end up using the same few for everything or forget them and write them down in insecure ways. If a password never expires, it is no easier to crack and is much easier to remember.
Even funnier is that when I used the temporary password to gain access and then it appropriately forced me to set a new password. It will not allow to use a password that has ever been used in the past. This is a bit of a pita but not the end of the world. What did suck though was that the form was center screen and the error message was about 6pt font in the upper left by the logo. It took me about 10 tries before I actually noticed it.
When all was said and done it took me over 90 minutes to view my last two pay stubs using the "convenience" of a website.
My agency also uses ADP and I have a lot of problems with how their site works. If they were a tech company, I would avoid their products.
--------------------------------------
When you encounter a problem, if the solution isn't readily evident go back to the start and check your assumptions.
--------------------------------------
Itβs unpleasantly like being drunk.
Whatβs so unpleasant about being drunk?
You ask a glass of water. -- Douglas Adams
July 26, 2012 at 10:37 am
Brandie Tarvin (7/26/2012)
OMG. This is so appropriate for us:http://dilbert.com/strips/comic/2012-07-26/[/url]
Tell true, Threadzians. How many of you fell into this trap?
Nobody offered me 45 minutes :blink:. Senior technical people at ICL were expected to pick up new technologies and expertise at the drop of a hat, and we didn't have anywhere so high up that it would take a hat 45 mins to fall. π
Tom
July 26, 2012 at 10:56 am
Sean Lange (7/26/2012)
How many people don't share a last name with their PATERNAL grandfather? Only unmarried women, or those that chose not to take their husband's last name. And people wonder why we get some *$&#ing frustrated with website security. :w00t:
So you think women will only chose to take their husbands last name on marriage if they marry someone whose last name is the same as their (the wife's) paternal grandfather? I know a women who took her husband's name although it was different from her paternal grandfathers. In fact I know an awful lot of them π
And those Scottish ladies who follow standard highland convention and chane Mac to Nic. π
How many Czech women have paternal grandfathers whose name ends in -ova (if hubby were Fredovic they would take his name in the form Fredova), or how many how many Russian granddads have last names ending in "va" insteacd of "v"? :laugh:
And of course there's anyone who takes the name of an adoptive parent π
Your comment about only unmarried women etc is almost as funny as the stupid security system. :blink:
Tom
July 26, 2012 at 10:59 am
Stefan Krzywicki (7/26/2012)
Just make the last name "You know, that guy"It is amazing to me not only how poorly thought out much security is, but that even giant companies like Microsoft don't bother keeping up to date on what is thought to make a truly secure password.
If the banks and so on ever start collating my security question answers with each other they are going to find themselves wondering why my mother had a couple of dozen different maiden names.
edit: or perhaps having nightmares about some sort of genetic engineering which produces people with a couple of dozen mothers :w00t:
Tom
July 26, 2012 at 11:08 am
L' Eomot InversΓ© (7/26/2012)
Sean Lange (7/26/2012)
How many people don't share a last name with their PATERNAL grandfather? Only unmarried women, or those that chose not to take their husband's last name. And people wonder why we get some *$&#ing frustrated with website security. :w00t:So you think women will only chose to take their husbands last name on marriage if they marry someone whose last name is the same as their (the wife's) paternal grandfather? I know a women who took her husband's name although it was different from her paternal grandfathers. In fact I know an awful lot of them π
And those Scottish ladies who follow standard highland convention and chane Mac to Nic. π
How many Czech women have paternal grandfathers whose name ends in -ova (if hubby were Fredovic they would take his name in the form Fredova), or how many how many Russian granddads have last names ending in "va" insteacd of "v"? :laugh:
And of course there's anyone who takes the name of an adoptive parent π
Your comment about only unmarried women etc is almost as funny as the stupid security system. :blink:
ROFL. Tom you are absolutely right. I will do my best now to make my statement UNfunny. Sheesh!!!
Obviously I meant married. π
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 β Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
July 26, 2012 at 11:20 am
July 26, 2012 at 11:32 am
July 26, 2012 at 11:45 am
And the vague question of the week award goes to: http://www.sqlservercentral.com/Forums/Topic1336028-391-1.aspx
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
July 26, 2012 at 12:18 pm
GilaMonster (7/26/2012)
And the vague question of the week award goes to: http://www.sqlservercentral.com/Forums/Topic1336028-391-1.aspx
Too tempting... had to post there.
Wayne
Microsoft Certified Master: SQL Server 2008
Author - SQL Server T-SQL Recipes
July 26, 2012 at 12:24 pm
WayneS (7/26/2012)
GilaMonster (7/26/2012)
And the vague question of the week award goes to: http://www.sqlservercentral.com/Forums/Topic1336028-391-1.aspxToo tempting... had to post there.
Wayne, you are so mean.
July 26, 2012 at 12:38 pm
Brandie Tarvin (7/26/2012)
WayneS (7/26/2012)
GilaMonster (7/26/2012)
And the vague question of the week award goes to: http://www.sqlservercentral.com/Forums/Topic1336028-391-1.aspxToo tempting... had to post there.
Wayne, you are so mean.
Succinct. I like it.
July 26, 2012 at 12:39 pm
GilaMonster (7/26/2012)
And the vague question of the week award goes to: http://www.sqlservercentral.com/Forums/Topic1336028-391-1.aspx
The very phrasing of the question makes me think this person isn't up to the task. I hope they learn quickly!
--------------------------------------
When you encounter a problem, if the solution isn't readily evident go back to the start and check your assumptions.
--------------------------------------
Itβs unpleasantly like being drunk.
Whatβs so unpleasant about being drunk?
You ask a glass of water. -- Douglas Adams
July 26, 2012 at 12:48 pm
WayneS (7/26/2012)
You'll might find this interesting: http://www.sqlperformance.com/2012/07/t-sql-queries/split-strings
Very interesting indeed. Poor Jeff. Poor Tally Tables.
July 26, 2012 at 12:53 pm
Brandie Tarvin (7/26/2012)
WayneS (7/26/2012)
You'll might find this interesting: http://www.sqlperformance.com/2012/07/t-sql-queries/split-stringsVery interesting indeed. Poor Jeff. Poor Tally Tables.
Did you take a close look at how Jeff's split routine was modified? His routine is optimized for varchar(8000) or nvarchar(4000) depending on which routine you use.
I take that testing with a grain of salt or two.
July 26, 2012 at 12:59 pm
Stefan Krzywicki (7/26/2012)
GilaMonster (7/26/2012)
And the vague question of the week award goes to: http://www.sqlservercentral.com/Forums/Topic1336028-391-1.aspxThe very phrasing of the question makes me think this person isn't up to the task. I hope they learn quickly!
I was tempted to post that if they don't even know where to begin they should start with the yellow pages and look under "Database Consultant". π
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 β Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
Viewing 15 posts - 37,051 through 37,065 (of 66,564 total)
You must be logged in to reply to this topic. Login to reply