International Change Your Password Day
-
Naerling wrote:
You NEVER disagreed with someone who's higher up the ranks than you?
I frequently (one might say always) disagreed with at least one person higher than me on almost all aspects of company policy. There are, however, right and wrong ways to air grievances/disagreements in a professional organization. Once you break outside those boundaries, regardless of who may or may not be correct you have lost. Also by allowing someone to 'get away with' not implementing a policy the organization loses enormously.
Henry Minute Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.” I wouldn't let CG touch my Abacus! When you're wrestling a gorilla, you don't stop when you're tired, you stop when the gorilla is. Cogito ergo thumb - Sucking my thumb helps me to think.
I call my boss Tuna fish because his name sounds like Tuna and I call my other boss Dork because it's only one letter difference. They call me all kind of names too. Just because we're not all uptight and we can. I wear my green teenage mutant ninja turtle sweater to work and even to customers. I don't mind, my bosses don't mind and our clients don't mind either (they actually like me and ask for me personally). What's important is our software and overall our clients are pretty satisfied about that. Did I also mention clients called me 'an angel' and a (translated) 'son of a bitch' in an affectionate kind of way :) Of course we can be serious and to the point if we have to, just not always. I guess the Dutch are just relaxed like that. And actually that's just how I like it. I wouldn't want to wear a tuxedo to work and call my superiors 'sir'. I understand things get more formal if a company gets bigger, and if I worked at a big company I would comply to those rules. This might sound ridiculous to you and how could a company that works like that ever get anything done!? Fact is that we've helped customers where our much bigger competitors failed :)
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
} -
I have two cats and they wouldn't be able to agree on the password. They do keep asking me about this "mouse" they keep hearing about.
Psychosis at 10 Film at 11 Those who do not remember the past, are doomed to repeat it. Those who do not remember the past, cannot build upon it.
Cats... :laugh:
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
} -
chodi wrote:
there is one recent case of one client stealing anothers data, and they cannot figure out how
And if you tell them how I did it, I'll send the boys round! Bwahahahahahahahaha!
Henry Minute Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.” I wouldn't let CG touch my Abacus! When you're wrestling a gorilla, you don't stop when you're tired, you stop when the gorilla is. Cogito ergo thumb - Sucking my thumb helps me to think.
-
jschell wrote:
required to be changed often
This is about the most stupid thing a password system can do. What is it meant to achieve? If someone hacks your PW, he won't put it aside for a couple of days, let alone a month or more. And, hopefully, you'll notice it when the damage is done long before that one- or three-month period is over. If not, by the time you do your scheduled PW change, there's nothing left to bother securing. I don't know where the notion comes from that a password is more secure when it gets changed often. The only thing it really achieves is p****ing off users, and causing them to use easy to remember passwords, that are in turn rated 'weak' (but see below)
jschell wrote:
they are validated to be strong passwords
The problem with so called 'strong passwords' is that they are a misnomer, and in fact quite weak when you consider what they're set against: a hacker's powerful computer and clever algorithms built around exactly the same rules that PW strength checkers use, and humans' tendency to put as little effort as possible into following those rules. As a result, passwords generated under enforced PW strength rules (such as 'must have at least one special character') are hard to remember by humans but still easy to guess by computers.
Stefan_Lang wrote:
This is about the most stupid thing a password system can do. What is it meant to achieve? If someone hacks your PW, he won't put it aside for a couple of days, let alone a month or more. And, hopefully, you'll notice it when the damage is done long before that one- or three-month period is over. If not, by the time you do your scheduled PW change, there's nothing left to bother securing.
One very obvious thing it allows is that the password checking semantics can be changed/updated. And perhaps in your world attackers do nothing but slash and dash but in mine keeping access to systems for a long time is an advantage.
Stefan_Lang wrote:
I don't know where the notion comes from that a password is more secure when it gets changed often. The only thing it really achieves is p****ing off users, and causing them to use easy to remember passwords, that are in turn rated 'weak' (but see below)
So you suggest allowing weak passwords and never changing them?
Stefan_Lang wrote:
As a result, passwords generated under enforced PW strength rules (such as 'must have at least one special character') are hard to remember by humans but still easy to guess by computers.
If such rules are not in place then users will pick passwords that a straight dictionary attack will reveal. Variations significantly increase the possibilities. And that along with well designed systems means that a computer driven attack based on sequential guessing, REGARDLESS of the hardware, will take too long to be feasible.
-
Rob Grainger wrote:
data protection law in the country you are based in
I don't think there is a law about how much you have to change you password :doh: If there was my boss would be a fool to comply with my 'demands' for keeping my old password.
Rob Grainger wrote:
Which rock have you been hiding to be so unaware of security issues over the last few years?
As far as I know none of those issues were about people that did not change their passwords... It was about passwords (no matter how often they were changed) that were stored unencrypted, were sent over an unsecured line, were shared with other people etc.
Rob Grainger wrote:
I'd then sue for constructive dismissal
Are you an American? GTA4 had a great joke about it on the radio "sue anyone for anything and you'll probably win!" Anyway, there was no need to sue me since I was on a six month contract and it would've ended pretty soon. There wasn't any money or honour to be made from sueing me either. Besides the fact that I sometimes disagree with people I did my job pretty well. Really, if my boss thought it absolutely necessary to change my password he would've said something like "Naerling (ok, he'd use my real name), I sense some frustration, but this is really for the best... Trust me ;)" And since my boss has a way with people I'd probably calm down a bit, say "ok" and leave the room disgruntled.
Rob Grainger wrote:
this childish attitude
My 'childish' attitude has been asked for, appreciated and rewarded quite a few times in the last year since it also involves studying hard, thinking of and sharing idea's, writing good software, and doing overtime when necessary. I respect and appreciate your opinion on passwords and changing them, but I think you just had a bad day and are taking it out on me (perhaps it was bad because someone somewhere didn't change their password?). By the way, I just read a post from someone claiming to be a hacker (good or evil, he didn't say) and he says changing passwords is just a silly habit passed down to generations. The post is somewhere in this topic, I might have twisted his words a bit, but you can look it up. You don't have to agree, but know that I am not alone ;)
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWoNaerling wrote:
As far as I know none of those issues were about people that did not change their passwords... It was about passwords (no matter how often they were changed) that were stored unencrypted, were sent over an unsecured line, were shared with other people etc.
There have been a number of recent cases involving weak passwords. If you do not have a automatic change policy then you have two choices if your system was not previously checking strength. 1. Require everyone to select new passwords 2. Hope that no one is using weak passwords.
Naerling wrote:
and he says changing passwords is just a silly habit passed down to generations.
So rationalize why such a policy isn't a good idea. I believe you stated that people would write them down if it requires too much complexity....so lets run with that. So to get access to your password that is written down I must physically see that piece of paper and then do something with it. So either you invite me to your desk or I break in. In either case mostly related to people in your immediate area, and presuming that your physical security is rather week, and that you blantantly post the password on your desk somewhere. And that your personal access is meaningful as an attack vector into the company. Versus....a weak policy...where the entire world has the opportunity to decide to attack your company and using a dictionary attack to attempt to gain access to every single user on the system (after all they don't need to limit themselves to just one.) Please explain to me how that is better.
-
Naerling wrote:
As far as I know none of those issues were about people that did not change their passwords... It was about passwords (no matter how often they were changed) that were stored unencrypted, were sent over an unsecured line, were shared with other people etc.
There have been a number of recent cases involving weak passwords. If you do not have a automatic change policy then you have two choices if your system was not previously checking strength. 1. Require everyone to select new passwords 2. Hope that no one is using weak passwords.
Naerling wrote:
and he says changing passwords is just a silly habit passed down to generations.
So rationalize why such a policy isn't a good idea. I believe you stated that people would write them down if it requires too much complexity....so lets run with that. So to get access to your password that is written down I must physically see that piece of paper and then do something with it. So either you invite me to your desk or I break in. In either case mostly related to people in your immediate area, and presuming that your physical security is rather week, and that you blantantly post the password on your desk somewhere. And that your personal access is meaningful as an attack vector into the company. Versus....a weak policy...where the entire world has the opportunity to decide to attack your company and using a dictionary attack to attempt to gain access to every single user on the system (after all they don't need to limit themselves to just one.) Please explain to me how that is better.
Seeing how ONE good password can take a couple of billion years to crack according to this[^] website I'd say it is more secure to not having to have pieces of paper laying around that WILL be discovered (people at our office often switch seats for whatever reason, 'borrow' a pen from someone's desk, take a sheet of paper, etc. versus having a password that will NOT be cracked anytime soon :) Unless you're planning on getting attacked by a 'super computer' which would be a gigantic waste of resources if it were used on our little company... Anything less than good will still take a little while, but I see your point where, if you're on the edge, having to change passwords every two months can save your ass by a couple of days! Anyway, for my personal accounts and for our company I am willing to take the risk of being attacked by a supercomputer and have my password cracked in mere seconds vs. the inconvenience of having to change it every two months.
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
} -
Wow, I'm speechless. I hope you're proud of the fact that this childish attitude has probably made your company fail to comply with data protection law in the country you are based in. Which rock have you been hiding to be so unaware of security issues over the last few years? I'm with Henry here, with that attitude, either you'd go or me. If it was me, I'd then sue for constructive dismissal.
If you (or Henry) were the admin you wouldn't have the authority to fire anyone. And if you quit you would NOT have grounds for action under constructive dismissal. Calm down and curb the aggression.
-
ICYPD[^]. It seems that someone else is trying to start an International Change Your Password Day - February 1st. A swift search on change password day reveals at least 4 other attempts at starting national/international days, on the first page of results. This would indicate that the idea of having a special day for it has not caught on. What do you think? Is it the idea of a special day for it that isn't popular or just a lack of interest (lack of comprehension for the need) to change them.
Henry Minute Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.” I wouldn't let CG touch my Abacus! When you're wrestling a gorilla, you don't stop when you're tired, you stop when the gorilla is. Cogito ergo thumb - Sucking my thumb helps me to think.
-
Changing your password without a good reason is a mindless practice that has been passed down long ago and is no longer valid. It used to be that a hacker could download a password file and take days to decrypt it. If you changed your password during that time, you would have saved yourself some distress, but only if you changed it during that time, a window of a now unlikely opportunity that has gotten so small that regularly changing your password no longer helps that situation. Another reason to change your password is if you have given it to anyone or suspect that someone has read the note that you had to put it on, because some smart system admin has made unreasonable rules that you can't follow without writing it down. In that case, you should change your password right away, not wait for the scheduled time period to do it. There are only two rules that really apply to users these days: 1. Don't give it to anyone. 2. Make it a long multiple word phrase (more than 20 characters) that is easy for you to remember. And there are two rules for system administrators: 1. Never store the password in clear text or transmit it over email. 2. Allow long passwords and don't force arbitrary rules and restrictions about it.
Good advice. Personally I let KeePass generate 30 character random passwords which have upper and lower case letters, numbers and other ASCII characters. That way I only have to remember one strong password. I hate systems which force me to change my password, even worse, restrict the maximum length or allow only numbers or letters. To me these restrictions are a possible indication the developers are not salting and hashing as they should be.
-
Stefan_Lang wrote:
This is about the most stupid thing a password system can do. What is it meant to achieve? If someone hacks your PW, he won't put it aside for a couple of days, let alone a month or more. And, hopefully, you'll notice it when the damage is done long before that one- or three-month period is over. If not, by the time you do your scheduled PW change, there's nothing left to bother securing.
One very obvious thing it allows is that the password checking semantics can be changed/updated. And perhaps in your world attackers do nothing but slash and dash but in mine keeping access to systems for a long time is an advantage.
Stefan_Lang wrote:
I don't know where the notion comes from that a password is more secure when it gets changed often. The only thing it really achieves is p****ing off users, and causing them to use easy to remember passwords, that are in turn rated 'weak' (but see below)
So you suggest allowing weak passwords and never changing them?
Stefan_Lang wrote:
As a result, passwords generated under enforced PW strength rules (such as 'must have at least one special character') are hard to remember by humans but still easy to guess by computers.
If such rules are not in place then users will pick passwords that a straight dictionary attack will reveal. Variations significantly increase the possibilities. And that along with well designed systems means that a computer driven attack based on sequential guessing, REGARDLESS of the hardware, will take too long to be feasible.
jschell wrote:
One very obvious thing it allows is that the password checking semantics can be changed/updated.
I'm sorry, but that is not an obvious reason for scheduled password change, in fact it is a reason against it: It is a reason for deliberate password change, executed when necessary. If you realize you should implement some better password rules, why wait several weeks or months for the update?
jschell wrote:
If such rules are not in place then users will pick passwords that a straight dictionary attack will reveal.
I never suggested using words straight from the dictionary. I never suggested not checking password strength either. I just say that the usual rules don't help. Not enough to be worth the bother anyway. Let password strength checkers use dictionaries to prevent dictionary attacks. Let them check for substitutions such as '0' for 'O', '$' for 'S', or 1 for 'l'. Let them check for all the well known tricks that attacker programs also use to minimize the number of variations they need to check. But forget rules! They just help attackers to know just what variations they need to add! The more concise the enforced rules are, the less variation they truly add. Make the rules less strict however, and the attack programs no longer have any assumptions they can build their algorithms on!
jschell wrote:
Variations significantly increase the possibilities.
I agree on that. It's just that enforcing the use of special characters adds only a very limited amount of variation: Must use caps? Right, I'll put it on the first character (where else?). That doesn't even add any variation because I often did exactly that before anyone forced me to. (so it will even decrease variation as the choice of using a cap or not is taken from me. Then again, hardly anyone uses caps anymore these days...) Must use a number? Ok, just put one 'random' number at the end. Well... why not '1'? Done. Variation added: none. Ok, some people might use, 2, or 9, I don't know. But I'm convinced the majority of 'enforced' numbers are just '1'. Must add some special character? Ugh, I actually have to use Shift to reach one of those - I'm not a typist, thank you very much! Well, I only have to use one to satisfy the algorithm, and, to help me memorize, I'll put it at the end. (I might put it at the start, but some password systems do fo
-
Good advice. Personally I let KeePass generate 30 character random passwords which have upper and lower case letters, numbers and other ASCII characters. That way I only have to remember one strong password. I hate systems which force me to change my password, even worse, restrict the maximum length or allow only numbers or letters. To me these restrictions are a possible indication the developers are not salting and hashing as they should be.
Yes, it's those restrictions that bug me the most, usually. I've seen password checkers with incredibly restricting rules, but only allowing only 12, or even 8 characters. With such a limited length, all those restrictions achieve is reduce variation rather than increase it.
-
Wow, I'm speechless. I hope you're proud of the fact that this childish attitude has probably made your company fail to comply with data protection law in the country you are based in. Which rock have you been hiding to be so unaware of security issues over the last few years? I'm with Henry here, with that attitude, either you'd go or me. If it was me, I'd then sue for constructive dismissal.
The issue is that current password strength enforcement systems are not well suited to prevent breaches, and that companies get so sercurity-crazed that they place the most complex of systems over even the least relevant of data. Maybe you have in fact access to data that are subject to nationwide security. And if that does require all the security measures you can think of, then so be it. But I do not: The most protected system I have access to is the one I use to enter and view my working hours. I can't do anything else with that system. But that doesn't change I need to jump through hoops and navigate through half a dozen screens just to log in. I can't even access it from anywhere but the desktop at my office, and if anyone has access to that, then there's a lot more at stake than some stupid work hour statistics! That is what's wrong! I spend valuable time every day, every week, every month, to satisfy a stupid security system that doesn't protect anything worth protecting. And worse, it already is protected. In contrast, the most important data I have access to only requires one login, and the password doesn't need to be very special, nor do I ever need to change it. Security is ensured through a code table. Simple. Easy to use and maintain. Just one new code table every year or so. And very effective all the same. That's what security should be like.
-
jschell wrote:
One very obvious thing it allows is that the password checking semantics can be changed/updated.
I'm sorry, but that is not an obvious reason for scheduled password change, in fact it is a reason against it: It is a reason for deliberate password change, executed when necessary. If you realize you should implement some better password rules, why wait several weeks or months for the update?
jschell wrote:
If such rules are not in place then users will pick passwords that a straight dictionary attack will reveal.
I never suggested using words straight from the dictionary. I never suggested not checking password strength either. I just say that the usual rules don't help. Not enough to be worth the bother anyway. Let password strength checkers use dictionaries to prevent dictionary attacks. Let them check for substitutions such as '0' for 'O', '$' for 'S', or 1 for 'l'. Let them check for all the well known tricks that attacker programs also use to minimize the number of variations they need to check. But forget rules! They just help attackers to know just what variations they need to add! The more concise the enforced rules are, the less variation they truly add. Make the rules less strict however, and the attack programs no longer have any assumptions they can build their algorithms on!
jschell wrote:
Variations significantly increase the possibilities.
I agree on that. It's just that enforcing the use of special characters adds only a very limited amount of variation: Must use caps? Right, I'll put it on the first character (where else?). That doesn't even add any variation because I often did exactly that before anyone forced me to. (so it will even decrease variation as the choice of using a cap or not is taken from me. Then again, hardly anyone uses caps anymore these days...) Must use a number? Ok, just put one 'random' number at the end. Well... why not '1'? Done. Variation added: none. Ok, some people might use, 2, or 9, I don't know. But I'm convinced the majority of 'enforced' numbers are just '1'. Must add some special character? Ugh, I actually have to use Shift to reach one of those - I'm not a typist, thank you very much! Well, I only have to use one to satisfy the algorithm, and, to help me memorize, I'll put it at the end. (I might put it at the start, but some password systems do fo
Stefan_Lang wrote:
Let password strength checkers use dictionaries to prevent dictionary attacks. Let them check for substitutions such as '0' for 'O', '$' for 'S', or 1 for 'l'. Let them check for all the well known tricks that attacker programs also use to minimize the number of variations they need to check. But forget rules! They just help attackers to know just what variations they need to add!
Interesting idea. I suspect it takes too long however.
Stefan_Lang wrote:
Take these three rules together and you get a combined variation of 1*1*10*2 = 20.
Myself I prefer more stringent checks than that. Some that I have used 1. Special character must not be only at end/beginning. 2. numerics must not be only at end/beginning. Don't think I thought of the only upper case at beginning but now that you have mentioned it, it suggests another rule.
-
Seeing how ONE good password can take a couple of billion years to crack according to this[^] website I'd say it is more secure to not having to have pieces of paper laying around that WILL be discovered (people at our office often switch seats for whatever reason, 'borrow' a pen from someone's desk, take a sheet of paper, etc. versus having a password that will NOT be cracked anytime soon :) Unless you're planning on getting attacked by a 'super computer' which would be a gigantic waste of resources if it were used on our little company... Anything less than good will still take a little while, but I see your point where, if you're on the edge, having to change passwords every two months can save your ass by a couple of days! Anyway, for my personal accounts and for our company I am willing to take the risk of being attacked by a supercomputer and have my password cracked in mere seconds vs. the inconvenience of having to change it every two months.
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
}Naerling wrote:
Seeing how ONE good password can take a couple of billion years to crack according to this[^]
What is your point - my position is that a strong password is better than a weak one. Which is what that link shows.
Naerling wrote:
Unless you're planning on getting attacked by a 'super computer' which ...
No idea what you are talking about. With a weak password policy in place, and without stringent password implementation policies, a dictionary attack along with some manual guessing can break into a system very quickly. And that has nothing to do with your link.
Naerling wrote:
if you're on the edge, having to change passwords every two months can save your ass by a couple of days!
As I already said continous access to a system, not just hit a dash, is a technique that is employed. Requiring pwd changes gets rid of that.
-
The issue is that current password strength enforcement systems are not well suited to prevent breaches, and that companies get so sercurity-crazed that they place the most complex of systems over even the least relevant of data. Maybe you have in fact access to data that are subject to nationwide security. And if that does require all the security measures you can think of, then so be it. But I do not: The most protected system I have access to is the one I use to enter and view my working hours. I can't do anything else with that system. But that doesn't change I need to jump through hoops and navigate through half a dozen screens just to log in. I can't even access it from anywhere but the desktop at my office, and if anyone has access to that, then there's a lot more at stake than some stupid work hour statistics! That is what's wrong! I spend valuable time every day, every week, every month, to satisfy a stupid security system that doesn't protect anything worth protecting. And worse, it already is protected. In contrast, the most important data I have access to only requires one login, and the password doesn't need to be very special, nor do I ever need to change it. Security is ensured through a code table. Simple. Easy to use and maintain. Just one new code table every year or so. And very effective all the same. That's what security should be like.
Stefan_Lang wrote:
I can't even access it from anywhere but the desktop at my office, and if anyone has access to that, then there's a lot more at stake than some stupid work hour statistics!
Last report I saw, national, large scale, based on actual recovery efforts (not self reporting) two years ago, suggested that more than 90% of security problems originated internally.
Stefan_Lang wrote:
In contrast, the most important data I have access to only requires one login, and the password doesn't need to be very special, nor do I ever need to change it. Security is ensured through a code table. Simple. Easy to use and maintain. Just one new code table every year or so. And very effective all the same. That's what security should be like.
When the aliens (or angels) land and take over all systems they can make them perfect. Until that happens we must live with imperfect humans. And thus strive to insure that systems are secure.
-
Well, we don't have it anymore. And I still think it's a stupid, good for nothing policy :) Do you feel more secure because of it? ARE you better secured? As I understood elsewhere in this topic a password can be cracked in a couple of days or even minutes. All your passwords in the world won't change that.
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
}[shrug] Well some people are made happy by the policy even if the efficacy is questionable. True - if someone has my password hash, and if they have a full set of rainbow tables, then yes - you are correct that the exercise is trivial (it is just a look-up in the table). But, that's not the case. Which leaves them only got three guesses before the account is locked. They won't get it in three guesses unless there's another piece of weirdness like a hash collision between my password and their guess, or maybe they have an HD camera focused on my keyboard. So, I see three choices: I can waste my breath 'raging against the machine'. I can quit. I can accept it. Note that acceptance does not preclude grumbling about it. Choices... life is full of them :-) -Chris C.
-
Naerling wrote:
Seeing how ONE good password can take a couple of billion years to crack according to this[^]
What is your point - my position is that a strong password is better than a weak one. Which is what that link shows.
Naerling wrote:
Unless you're planning on getting attacked by a 'super computer' which ...
No idea what you are talking about. With a weak password policy in place, and without stringent password implementation policies, a dictionary attack along with some manual guessing can break into a system very quickly. And that has nothing to do with your link.
Naerling wrote:
if you're on the edge, having to change passwords every two months can save your ass by a couple of days!
As I already said continous access to a system, not just hit a dash, is a technique that is employed. Requiring pwd changes gets rid of that.
jschell wrote:
my position is that a strong password is better than a weak one
I never disagreed with you there.
jschell wrote:
a dictionary attack along with some manual guessing can break into a system very quickly
Indeed, well within one or two months, in that case changing your password so frequently wouldn't help very much since it'll be cracked before you change it. And as computers get quicker and technology improves it will be just a matter of minutes before even the most secure password gets cracked. What's next? Changing your password hourly? Having bookworks for passwords?
jschell wrote:
As I already said continous access to a system, not just hit a dash, is a technique that is employed. Requiring pwd changes gets rid of that.
Maybe, I'm still not convinced. Anyway, for all the many profiles I have on numerous websites on the web I choose not to spend a day a month to check them all and change my password one by one... It's a risk I am willing to take in exchange for some convenience. As for work policies, I did not agree with the password change and my boss agreed with me that it wasn't necessary for our company. If my boss had not agreed with me I wouldn't have had a choice and change my password every two or three months.
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
} -
[shrug] Well some people are made happy by the policy even if the efficacy is questionable. True - if someone has my password hash, and if they have a full set of rainbow tables, then yes - you are correct that the exercise is trivial (it is just a look-up in the table). But, that's not the case. Which leaves them only got three guesses before the account is locked. They won't get it in three guesses unless there's another piece of weirdness like a hash collision between my password and their guess, or maybe they have an HD camera focused on my keyboard. So, I see three choices: I can waste my breath 'raging against the machine'. I can quit. I can accept it. Note that acceptance does not preclude grumbling about it. Choices... life is full of them :-) -Chris C.
jccompton43 wrote:
an HD camera focused on my keyboard.
Or keylogger... Been a victim of that once. Lucky I store all my passwords so I don't have to retype them :) (And now I'll have the 'never-store-your-passwords' maffia on my back)
jccompton43 wrote:
I can waste my breath 'raging against the machine'.
My breath wasn't wasted as my boss agreed with me :)
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
} -
jccompton43 wrote:
an HD camera focused on my keyboard.
Or keylogger... Been a victim of that once. Lucky I store all my passwords so I don't have to retype them :) (And now I'll have the 'never-store-your-passwords' maffia on my back)
jccompton43 wrote:
I can waste my breath 'raging against the machine'.
My breath wasn't wasted as my boss agreed with me :)
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
}Naerling wrote: My breath wasn't wasted as my boss agreed with me Not your breath, mine. I was just talking about my choices based on where I am. Were you here, it would be a waste of your breath also. :) And, just so you don't misunderstand, they think highly of me here. FWIW, -Chris C.
-
Naerling wrote: My breath wasn't wasted as my boss agreed with me Not your breath, mine. I was just talking about my choices based on where I am. Were you here, it would be a waste of your breath also. :) And, just so you don't misunderstand, they think highly of me here. FWIW, -Chris C.
jccompton43 wrote:
Were you here, it would be a waste of your breath also.
And I probably wouldn't have wasted it :) I can estimate my chances of success ;)
It's an OO world.
public class Naerling : Lazy<Person>{
public void DoWork(){ throw new NotImplementedException(); }
}
